On Fri, Feb 06, 2009 at 03:43:30PM -0500, McGovern, James F (HTSC, IT) wrote:
> 2. Which is worse, having to sort through false positives or to not
> perform static analysis at all and have OpenID fail once some bad guy
> busts the implementation so badly that everyone runs away from OpenID?
What
On Fri, Feb 06, 2009 at 01:34:33AM +0900, Nat Sakimura wrote:
> It might be worthwhile for somebody like OIDF to buy a
> license and run a certification program out of it.
If OIDF wants to certify something, it should certify compliance to the
OpenID standard. It would be good for OIDF to make an
On Thu, May 24, 2007 at 10:19:08AM -0700, Josh Hoyt wrote:
> On 5/24/07, Peter Watkins <[EMAIL PROTECTED]> wrote:
> > Shouldn't the spec clarify what is required for an HTML discovery to
> > uphold an assertion that triggers 11.2's discovery process?
>
> The
Section 11.2 states
"If the Claimed Identifier was not present in the request ("openid.identity"
was "http://specs.openid.net/auth/2.0/identifier_select";), the Relying Party
MUST perform discovery on the Claimed Identifier in the response to make sure
that the OP is authorized to make assertio
On Mon, May 21, 2007 at 11:50:32AM -0700, Josh Hoyt wrote:
> On 5/20/07, Claus Färber <[EMAIL PROTECTED]> wrote:
> > Peter Watkins schrieb:
> > > 7.3.3 in draft 11 says
> > >
> > > The "openid2.provider" and "openid2.local_id" URLs
So I'd like my employer (for discussion purposes, The Great
Plumbers Association, http://plumbers.co) to act as an OpenID
OP. I want all our plumber members to use the same OP URL
for OpenID authentication, let's say https://id.plumbers.co/
So the RP doesn't try XRI Resolution, and Yadis fails be
7.3.3 in draft 11 says
The "openid2.provider" and "openid2.local_id" URLs MUST NOT include entities
other than "&", "<", ">", and """. Other characters that would
not be valid in the HTML document or that cannot be represented in the
document's character encoding MUST be escaped using the perce
On Wed, Nov 08, 2006 at 11:16:41PM -0500, David Fuelling wrote:
> Couldn't one make the opposite argument -- that most people's email address
> NOT working when they plug it into the OpenId login field could actually be
> a good thing? (especially in the beginning of OpenID)
> Scenario #2 (WITH e
Recordon, David wrote:
> Involving DNS seems to make this too complex. If we're going to involve
> DNS, we might as well re-architect Yadis to use it as yet another
> discovery option.
Yes, the TXT proposal seems complex. I prefer Phillip's second
suggestion, but I think something more unique wou