Discovery of an OpenID session at an OP
Chris Obdam
chris.obdam at holder.nl
Tue Dec 15 18:11:31 UTC 2009
>>> I think John's point is that the mechanism to protect privacy should
>>> be optionally available to OPs: There should be a rule to allow OPs to
>>> push this information without user consent.
>> With 'a rule' you mean, part of OpenID somewhere?
>> If so, I agree.
> The discovery mechanism allows OPs to push the information that they
> are the user has an account with them. The privacy solution implements
> some RP-based opt-in/opt-out. The point that John makes is that OPs
> should not be required to implement the latter to take advantage of
> the former.
Agree. There are no requirements for an OP for other OpenID specific UX's at the moment.
A standard way of work (UX) should evolve from using the discovery mechanism?
More information about the specs
mailing list