<div class="gmail_quote">On Thu, Jun 18, 2009 at 9:41 PM, Allen Tom <span dir="ltr"><<a href="mailto:atom@yahoo-inc.com">atom@yahoo-inc.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Well, the spec does allow the OP to ignore the claimed identifier and to just treat all requests as an OP-identifier.<br><font color="#888888">
</font></blockquote><div><br>If it does, then I don't like that part of the spec. IMO if the RP wanted to use an OP Identifier it could have used one. But if an RP needs to verify that a user controls a particular identifier, then it loses that ability for OPs that ignore the claimed_id in the request. <br>
</div></div>