My understanding is that an OpenID Identity page with just the below tag MUST be the claimed identifier in the RP's eyes, and the rules of delegation would also include that since no openid2.local_id tag is included that the claimed_id and local_id be the same. So there's no way that Google's OP should authorize that OpenID for anyone except the one whose local_id matches Google's user database. <br>
<br><div class="gmail_quote">On Fri, Nov 7, 2008 at 6:12 PM, Allen Tom <span dir="ltr"><<a href="mailto:atom@yahoo-inc.com">atom@yahoo-inc.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
How does someone delegate their OpenID URL to Google?<br>
<br>
Putting following into the <head> section of the OpenID page:<br>
<br>
<link rel="openid2.provider" href="<a href="https://www.google.com/accounts/o8/ud" target="_blank">https://www.google.com/accounts/o8/ud</a>" /><br>
<br>
seems to allow *any* user with a Google account to sign in with the<br>
delegated OpenID.<br>
<font color="#888888"><br>
Allen<br>
</font><div class="Ih2E3d"><br>
<br>
Breno de Medeiros wrote:<br>
><br>
> Bottom line: The fact that the op_local technique is not available for<br>
> usage with the Google OP does not mean that it cannot support<br>
> delegation.<br>
><br>
><br>
<br>
</div><div><div></div><div class="Wj3C7c">_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</div></div></blockquote></div><br>