Privacy issue because of using <a href="http://webintents.org">webintents.org</a>'s JS shim?<div>Then yes. They are not even providing the JS file via HTTPS :p</div><div><br></div><div>I didn't know account chooser WG is also looking into WebIntents.</div>
<div>I'll involve with them.</div><div><br></div><div>thanks<br><br><div class="gmail_quote">2012/4/10 John Bradley <span dir="ltr"><<a href="mailto:ve7jtb@ve7jtb.com">ve7jtb@ve7jtb.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word">Nov,<div><br></div><div>There are some privacy issues around <a href="http://www.webintents.org/" target="_blank">web intents</a> and it's predecessor Xauth.</div><div><br></div><div>
The <a href="http://sites.google.com/site/oidfacwg/" target="_blank">account chooser WG</a> is currently looking at how to deal with that. It is possible that they might support the web intents invocation if it makes it into browsers other than chrome at some point.</div>
<div><br></div><div>At the moment to support a broad range of browsers they are using html5 post message, much like the web intents JS shim. </div></div></blockquote><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word"><div><br></div><div>You should get involved with that WG.</div><div><br></div><div>John B.</div><div><br><div><div><div class="h5"><div>On 2012-04-09, at 12:06 AM, matake, nov wrote:</div>
<br></div></div><blockquote type="cite"><div><div class="h5">Hi all,<div style="font-family:Helvetica;font-size:medium"><br></div><div style="font-family:Helvetica;font-size:medium">WebIntents is one of the interesting features of HTML5, which enables browser-based inter-service delegation.</div>
<div style="font-family:Helvetica;font-size:medium"><br></div><div style="font-family:Helvetica;font-size:medium">Since it seems very useful as a solution of NASCAR problem, I've made a WebIntents-based OpenID Connect discovery demo using my OP & RP.</div>
<div style="font-family:Helvetica;font-size:medium">You can try it following the step described in this post.</div><div style="font-family:Helvetica;font-size:medium"><a href="http://t.oauth.jp/post/20756025471/when-you-access-to-an-openid-relying-party-rp" target="_blank">http://t.oauth.jp/post/20756025471/when-you-access-to-an-openid-relying-party-rp</a></div>
<div style="font-family:Helvetica;font-size:medium"><br></div><div style="font-family:Helvetica;font-size:medium">I hope you guys are interested in it.</div><div style="font-family:Helvetica;font-size:medium"><br></div><div style="font-family:Helvetica;font-size:medium">
Thanks</div><div style="font-family:Helvetica;font-size:medium"><br></div><div style="font-family:Helvetica;font-size:medium"><div>ps.</div><div>Now I'm thinking about how to standardize those 2 point.</div><div>* WebIntents action for OpenID Connect discovery (need to discuss with W3C guys?)</div>
<div>* OpenID Connect discovery endpoint for WebIntents (probably in OIDF)</div></div><div style="font-family:Helvetica;font-size:medium"><br></div><div style="font-family:Helvetica;font-size:medium">--</div><div style="font-family:Helvetica;font-size:medium">
nov</div></div></div>
_______________________________________________<br>Openid-specs-ab mailing list<br><a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank">Openid-specs-ab@lists.openid.net</a><br><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><br>
</blockquote></div><br></div></div></blockquote></div><br></div>