Discovery of an OpenID session at an OP
Breno de Medeiros
breno at google.com
Tue Dec 15 21:25:32 UTC 2009
>
>> Regardless of the justification, one could argue that OPs should not
>> be mandated to implement the privacy solution because they may know
>> better what their consumers want. That is good as it goes, but we
>> should still make sure that the design makes it easy for RPs to
>> implement the privacy issue
>
> You mean easy for the OPs to implement, right?
>
No, I actually meant easy for RPs to implement, otherwise RPs would
only implement the easier 'no privacy' variant and OPs would not have
the choice to implement a more privacy-oriented alternative at all.
More information about the specs
mailing list