Timing of Realm/RP validation
Hubert Le Van Gong
Hubert.Levangong at Sun.COM
Sat Jan 16 00:49:01 UTC 2010
Greetings,
Is it correct to say the spec (2.0) does not mandate a specific moment
in the protocol at which the RP/realm validation should occur?
For instance, the OP could first authenticate the user and then
perform RP verification or it could do that validation before
authenticating
the user. Although the latter seems more intuitive (and efficient)
would both
be compliant?
Cheers,
Hubert
--
Hubert A. Le Van Gong
Identity Architect
Sun microsystems, Inc.
17 Rue Duprey
Grenoble, 38000
France
--------------------------------------------------
email: hubert.levangong at sun.COM
tel:+33 4 7663 0935
blog: http://blog.levangong.com/
N 45 11.900'
W 005 44.145'
Elev. 736 ft.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20100116/5bf8c1a2/attachment.htm>
More information about the specs
mailing list