Consolidated Delegate Proposal
Dick Hardt
dick at sxip.com
Tue Oct 10 18:59:49 UTC 2006
On 10-Oct-06, at 11:54 AM, Josh Hoyt wrote:
> On 10/10/06, Dick Hardt <dick at sxip.com> wrote:
>> > RP user id is the identifier by which the relying party knows the
>> > user.
>> This is the one that the user gave the RP?
>
> For URL identifiers, it is the supplied identifer, normalized, after
> following redirects. In essence, it's the user's chosen identifier.
and I propose it could also be the IdP if that is what the user typed in
>
> For XRI identifers, it's the canonical ID (i-number).
why not the i-name? then the IdP knows what the user wanted to be
using. The IdP can get the i-number from the i-name, but not the
reverse.
>
>> > "openid.identity" is the IdP user id.
>> Where did this come from?
>
> When using delegation, it's the delegate value. Otherwise, it's the
> same as the RP user id. It is identical to the way that the value for
> "openid.identity" is currently used in OpenID 1 and the current draft
> of OpenID 2.
not sure I am seeing the value of sending both -- and from your last
email, I think you are thinking the same, yes?
-- Dick
More information about the specs
mailing list