Is there an argument for following the SREG pattern of putting it in the request.Other than the RP perhaps not publishing a XRDS for some reason. (if they don't do that they are not that likely to publish a privacy policy ether.)
Sheer perversity? ;) -Shade desires to publish a perverse "privacy" policy _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
