On Tue, Feb 16, 2010 at 04:22, John Bradley <[email protected]> wrote: > I suspect the advantage to extending the association is more political, > that way you can call it an extension.
I could, but I'd be fabricating. The association request is not extensible. > I think practically it is better to keep the exchange of long term secrets > (Association) separate from the artifact resolution process. I agree. > If we want to do per request shared secrets say SHA256 vs re-using the long > term one I don't have a big problem with that. > I don't yet see a super compelling reason for it though. > John B. Ditto. _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
