Hey Dick, Any prospect of getting IPR permission so that you can join the WGs here? We are waiting for you!
=nat On Thu, Aug 13, 2009 at 11:43 PM, Dick Hardt <[email protected]>wrote: > Yes, in OpenID 2.0 the identifiers are optional so an extension could > provide all the functionality. Eg . Attribute Exchange could be used > to move attributes without authenticating. > > -- Dick > > On 2009-08-13, at 7:34 AM, "James Henstridge" <[email protected]> > wrote: > > > On Thu, Aug 13, 2009 at 8:05 AM, Nat Sakimura<[email protected]> > > wrote: > >> I blogged bout the subject here: > >> http://www.sakimura.org/en/modules/wordpress/index.php?p=91 > >> > >> What would be the consensus here? > > > > My reading of the spec (and what I believe is the author's intent) is > > that OpenID extensions do indeed piggyback on an authentication > > request. The note about including the extension's type URI in XRDS is > > a way that an OpenID provider can advertise support for the extension. > > > > Note that in OpenID 2.0, sending openid.identifier in an > > authentication request is optional. So you could potentially use an > > extension without actually authenticating as a particular user. From > > section 9.1: > > > > """ > > "openid.claimed_id" and "openid.identity" SHALL be either both present > > or both absent. If neither value is present, the assertion is not > > about an identifier, and will contain other information in its > > payload, using extensions (Extensions). > > """ > > > > James. > > _______________________________________________ > > specs mailing list > > [email protected] > > http://lists.openid.net/mailman/listinfo/openid-specs > > > -- Nat Sakimura (=nat) http://www.sakimura.org/en/
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
