<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
John Kemp:
<blockquote cite="mid:47D03833.3080803@jkemp.net" type="cite">
  <pre wrap="">

But given that the claimed_id now will be the result of following 
redirects, it would be my assertion that if the claimed_id has been 
obtained by following 302/303/307 redirects that it is quite possibly 
not actually the user's intended OpenID.
  </pre>
</blockquote>
Why this assumption? You could for example submit example.com as your
ID, which would be naturalized to <a class="moz-txt-link-freetext" href="http://example.com/">http://example.com/</a> which in turn
would be redirected to <a class="moz-txt-link-freetext" href="https://example.com">https://example.com</a> which would return the
claimed ID <a class="moz-txt-link-freetext" href="https://john.example.com/">https://john.example.com/</a><br>
<br>
There could be additional steps in this scenario, all be redirects and
relocations, however whatever is returned to the RP at the end of the
process as the claimed_id is...well, the claimed ID....<br>
<br>
<div class="moz-signature">-- <br>
<table border="0" cellpadding="0" cellspacing="0">
  <tbody>
    <tr>
      <td colspan="2">Regards </td>
    </tr>
    <tr>
      <td colspan="2"> </td>
    </tr>
    <tr>
      <td>Signer: </td>
      <td>Eddy Nigg, <a href="http://www.startcom.org">StartCom Ltd.</a></td>
    </tr>
    <tr>
      <td>Jabber: </td>
      <td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
    </tr>
    <tr>
      <td>Blog: </td>
      <td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
    </tr>
    <tr>
      <td>Phone: </td>
      <td>+1.213.341.0390</td>
    </tr>
    <tr>
      <td colspan="2"> </td>
    </tr>
  </tbody>
</table>
</div>
</body>
</html>