Consolidated Delegate Proposal

Josh Hoyt josh at janrain.com
Tue Oct 17 21:23:54 UTC 2006 

On 10/17/06, Dick Hardt <dick at sxip.com> wrote:
> > 2. It is explicit what is going on from an implementation and
> > specification perspective
>
> And I see the opposite. What the RP sends the IdP is just a hint.
> What the IdP sends the RP is authoritative.
> I see having two parameters as implying more meaning then is really
> there.

The IdP sending two identifiers *in the response* as the important
part. The IdP is only authoritative *if discovery says it is*. There
is no more meaning to the response than "I am asserting that when you
do discovery, you will find that this information is true." What other
meaning do you see?

> Did you read what I wrote? Was there something you did not
> understand? Perhaps you can point out what you disagree about what I
> wrote?

It's possible that I misinterpreted "the RP is figuring them out
anyway." I took this as questioning why two identifiers is an
improvement over the current (delegate only) model.

My answer to this question was "it is explicit what is going on from
an implementation and specification perspective." This statement was
motivated by implementation experience and experience writing about
this issue in OpenID 2 drafts. I believe that the two identifier
approach will be easier.

I also believe that if I had spent the time that I've spent arguing
about this issue in documentation and implementation, the world would
be better off, regardless of which of the three viable options for
identifier portability had been chosen.

I repeat, ALL THREE OPTIONS ARE VIABLE. There are trade-offs for all
of them. You know which trade-offs I'd make. I know which ones you'd
make. We just need to make a decision so that we can spend our energy
and time on things that will make a difference to end-users. This is
my last word on this list about this issue, unless there is
significant insight. I am not going to change my votes.

If you want to discuss it more off-list, I'm willing, but I think
that'd just be wasting both of our time.

Josh

More information about the specs mailing list