[Openid-specs-ab] Key-Value Form Encoding
Nat Sakimura
sakimura at gmail.com
Wed Apr 14 08:07:05 UTC 2010
OpenID Authentication 2.0 uses proprietary Key-Value Form Encoding for the
Direct Communication Response.
It has limitations that it cannot wrap the value.
This is potentially a problem for some processors if the value happens
to be a very long string.
In OpenID Authn 2.0, it was not a problem because it was only used for
association
response and for verifying directly with the OpenID Provider where
returned response parameters are ns, is_valid, and invalidate_handle.
In our case, it can potentially be a problem because we carry anything that
an extension carries.
So, I would like to propose using JSON instead of Key-Value Form Encoding.
As you know, they are very close to each other. The delta being,
JSON requires
1) "{" and "}" at the beginning and the end of the file.
2) key and value must be quoted by double quote.
What would be the sentiment of the WG?
--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
More information about the Openid-specs-ab
mailing list