Hi Chris, Yes, XAuth can provide the same functionality as x-has-session, but using a centralized service, so that RPs can make a single call to Xauth, rather than multiple simultaneous calls to all the potential OPs.
The Xauth call is cachable (little to no latency), since the Xauth JS should already be cached by the user's browser, and the flag indicating the user's login status is stored in the browser's local storage. Xauth is very similar to the Central Discovery Service proposal: http://sites.google.com/site/oauthgoog/UXFedLogin/central-discovery-service The biggest open issue is determining who and how the xauth.org service will be administered. Allen On 4/19/10 11:08 AM, "Chris Obdam" <[email protected]> wrote: > Looks the same as x-has-session but then locally? Maybe i've missed the > conversation? > > Cheers, > > Chris > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
