On Thu, Oct 30, 2008 at 6:18 PM, Martin Atkins <span dir="ltr"><<a href="mailto:mart@degeneration.co.uk">mart@degeneration.co.uk</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">David Fuelling wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
That's not what I mean. Instead, I'm talking about any particular device's ability to "do something" with an OpenID URL. For example, most "devices" (be it Tivo, iPhone, Blackberry, etc) already have some sort of support for a URL (I could be way off here, but I think this is accurate). My thinking is that it should be easier to allow my Blackberry to support OpenID since it's just a URL, and arguably my Blackberry can already "do stuff" with a URL -- it already has a library that can talk HTTP to an endpoint based on the URL. So, adding openid to my blackberry is actually more "easy" (pardon my grammar) with URLs -- the resolvability is of an URL is already built-in to a lot of devices. <br>
However, most of these devices don't natively know how to "resolve" a mailto: link into a URL. It would require extra device-native software. My point really centers around the assumption that since many devices can already natively handle URL's (in the sense that they can resolve them using HTTP) then OpenID should be easier to implement on these devices if an OpenID is a URL. Trying to get all these devices to support a new form of "link", as it were in the form of a mailto: would seem to be more difficult, if I'm thinking pragmatically.<br>
</blockquote>
<br></div>
You need additional software to support OpenID discovery whatever URL scheme is in play. There's more to OpenID discovery than just "fetch the URL". This is why we have OpenID Consumer libraries!<br>
<br>
Even if EAUT (as it currently stands) were used, you still need some code to actually parse the email address and do the EAUT step.<br>
<br>
</blockquote></div><br>This is true if the device is doing native OpenID or OAuth. In that case, my arguement is less valid, since we'll need native software on the device for these protocols anyway. But if I'm writing a native iPhone app (for example), then it's one less piece of "code" to worry about if I don't have to be able to handle mailto: schemes, or any other future scheme too. I can just write an OpenID/OAuth library, and maybe a EAUT library, and I'm good to go. I don't have to write additional code to handle each new OpenID "type" as it comes along.<br>
<br>It's not a bulletproof argument, but something to consdier.<br><br>