I agree with David, replying with "bullshit" is definitely not the way we want to interact.
Op 19 mei 2010, om 10:20 heeft David Recordon het volgende geschreven: > Replying with "bullshit" isn't going to welcome anyone new into this > community. Please stop doing this; you've been asked many times. > > Yes, we should increase the involvement of browser vendors and it's great > seeing the work that's happening around FireFox. I plan to track down that > team tomorrow and get a better understanding of what browser-based APIs > they're proposing and what information websites need to advertise to browsers. > > --David > > > On Wed, May 19, 2010 at 1:12 AM, Santosh Rajan <[email protected]> wrote: > HA! BullShit! > > You know what?. I am beginning to believe that we need get the browser > vendors to the OpenID community. Yes Google and Microsoft are already here, > but i don't think they are here in the capacity of "browser vendors". We also > need the mozilla, opera, safari guys. > > And Mozilla has really been doing some good work in this area. Here is a link. > https://wiki.mozilla.org/Labs/Weave/Identity/Account_Manager/Spec/Latest > > > > On Wed, May 19, 2010 at 1:25 PM, David Recordon <[email protected]> wrote: > Coming out of some conversations at IIW today I've made some changes to the > proposal. Patch is attached, but they are: > - Allow passing in `user_id` as a hint when not using immediate mode in the > request. > - Continue to allow users to enter URLs, email addresses, and click buttons > but the returned user identifier must be a HTTPS URI. > - Include the expiration time within the signature. > - Clarify how you verify if the token endpoint is authoritative for a given > user identifier. > - Simplify discovery by removing LRDD and using host-meta to determine the > server token endpoint on a per domain (or sub-domain) basis. We're having a > hard time finding use cases of running multiple different OpenID servers per > domain. > - Remove the separate user info API endpoint and instead make the user > identifiers a protected resource. Fetch the user identifier with an access > token and it returns basic profile information as well as if the access token > was issued by that specific user. > > Thanks for all of the feedback and support both virtually and in person! I'm > planning to move this proposal into GitHub next week (and work with Eran to > actually format it like a spec) so that changes are easier to keep track of. > > --David > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs > > > > > -- > http://hi.im/santosh > > > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
