Hello again, Firstly, sorry for the double post, the OpenID.net homepage does not clearly indicate that specs@openid.net is a mailing list. However, it has come to my attention that the mailing list software has truncated my message
http://openid.net/pipermail/general/2008-March/004217.html http://openid.net/pipermail/specs/2008-March/002219.html For the reference of people using mailman's web interface and incase the mailing list software truncated the emails as well I had originally cited the following references: >From the OpenID specification [1]: Consumers MUST canonicalize the Identifier URL, following redirects, and note the final URL. The final, canonicalized URL is the End User's Identifier. >From RFC2616 [2] (emphasis added in upper case): 10.3.4 303 See Other The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource. This method exists primarily to allow the output of a POST-activated script to redirect the user agent to a selected resource. THE NEW URI IS NOT A SUBSTITUTE REFERENCE FOR THE ORIGINALLY REQUESTED RESOURCE. The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable. >From the TAG's findings [3] (emphasis added in upper case): According to the HTTP specification, a response code of 303 indicates that "the response to the request can be found under a different URI ...". It provides the URI where we can look for that response. It's worth noting that although 303 has the role of redirecting user agents after script processing following POST requests, the specification does not limit it to that role. Importantly, the specification also states that "The new URI is not a substitute reference for the originally requested resource." IN OTHER WORDS, RESPONSES CONTAINING THIS CODE DIRECT US TO RELATED MATERIAL. IF WE DEREFERENCE THE SUPPLIED URI AND RECEIVE A REPRESENTATION, IT IS CLEAR THAT THE REPRESENTATION RELATES TO THE URI WE WERE GIVEN IN THE 303 RESPONSE, AND NOT TO THE URI THAT LED TO THE 303 RESPONSE. IN PARTICULAR, WE'RE NOT BEING MISLEAD INTO THINKING THAT THE ORIGINAL URI ITSELF HAS REPRESENTATIONS. I am sorry if this information has reached you twice now. Thanks, -- Noah Slater <http://bytesexual.org/> _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
