On 21 Jan 2010, at 09:07, Melvin Carvalho wrote:
>>
>>
>> A longer term and more scalable approach would be to define an Artifact
>> Binding for OpenID - where an artifact (aka a short token) is returned to
>> the RP in lieu of the AX data. The RP then makes a backend direct server
>> call back to the OP with the Artifact to get the actual data. Only the
>> artifact is sent on the browser redirect.
This sounds like what I was suggesting in "Making OpenId RESTful" [1] that
started this thread.
Essentially the OpenId provider returns a URL where more information about the
user is located. This URL could indeed be a bitly url.
> Interesting idea, though it adds another connection, it may be worth it. In
> this case you could be agnostic of the data format, returning key/value
> pairs, FOAF/RDF or ATOM as necessary.
Indeed the web server at that URL can do content negotiation to serve back the
URL most desired by the client (The Relying party in this case)
Henry
[1]
http://lists.foaf-project.org/pipermail/foaf-protocols/2010-January/001477.html
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
