SREG's Privacy Policy URL

[George Fletcher]

I think for a short-term solution we'd need to define service "types" 
for the privacy policy and TOS for XRDS.

For the long-term, the same could potentially be used as "rel" values in 
the XRD markup. The XRD spec is solidifying but is not 100% stable.

I think we should have a discovery option regardless of whether we 
update UX or AX. So I'd like to see a proposal for XRDS and then when 
XRD is available, supporting that.

Thanks,
George

Allen Tom wrote:
> Hi Luke,
>
> Yes, this is what we're looking for. Currently, in OpenID, the only 
> way for the RP to link to its privacy policy (which is sort of like 
> linking to its ToS) is by passing it in the openid.sreg.policy_url 
> parameter using SREG.
>
> Since we're trying to deprecate SREG, we can try to move this 
> parameter to either the UI or AX Extension, or move it into Discovery.
>
> Is there an actual Discovery spec?
>
> Allen
>
>
> Luke Shepard wrote:
>> FWIW, Facebook Connect allows relying parties to define a “terms of 
>> service” url. We then show that link to users when they click on it. 
>> With OpenID, the equivalent URL would be set using relying party 
>> discovery. Is this more or less what you’re looking for?
>>
>> Screenshot:
>>
>>
>>
>>
>> On 6/2/09 10:21 AM, "Allen Tom" <atom at yahoo-inc.com> wrote:
>>
>>
>>     Alternatively, the RP could publish its privacy policy in its
>>     discovery
>>     document, which does make a lot of sense, but I understand that
>>     there's
>>     a lot of work going on to define the next generation of
>>     discovery, and
>>     I'm not quite sure what the timeframe is for that.
>>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>