Johnny,<div><br></div><div>I agree that RPs should treat them as opaque strings, but due to the constraints in the spec, I can name at least a couple of .NET openid libraries that would choke on openid.local_id values if they were not XRIs or URIs. I'm <i>for</i> loosening this up, but in the meantime, OPs should please conform to this constraint to avoid breaking RPs.</div>
<div><br clear="all">--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">2009/7/10 Johnny Bufu <span dir="ltr"><<a href="mailto:johnny.bufu@gmail.com">johnny.bufu@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">> On Tue, Jul 7, 2009 at 4:03 PM, Johnny Bufu <<a href="mailto:johnny.bufu@gmail.com">johnny.bufu@gmail.com</a>> wrote:<br>
> > Doesn't even have to be a URI even; what matters is that the OP issues<br>
> > it, so they (can) have full control/authority over it if that's a<br>
> > concern for them.<br>
<br>
</div><div class="im">On Thu, Jul 09, 2009 at 01:20:07PM -0700, Breno de Medeiros wrote:<br>
> It does need to be an URI (at least for OpenID). See the spec definition of<br>
> identifiers.<br>
<br>
</div>That part was overspecified, mostly for keeping the spec simpler by<br>
having all identifiers be a subclass of URI and at the expense of some<br>
flexibility for the OPs (if they choose to be strict about this).<br>
<br>
But from a practical / protocol point of view, the OPs are the only ones<br>
that produce (issue) and consume (recognize/authenticate) delegate<br>
identifiers, while the rest of the parties involved pass around and<br>
compare them as opaque strings.<br>
<div><div></div><div class="h5"><br>
<br>
Johnny<br>
<br>
<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</div></div></blockquote></div><br></div>