In the directed identity case, the IdP URL or XRI you give to the RP
resolves to your IdP's XRDS document. Each of your IdPs would have a
different one. If they support directed identity, each would have a Service
with a Type tag value of http://openid.net/identifier_select/2.0. This
service endpoi
On 17-Oct-06, at 2:10 PM, Johannes Ernst wrote:
>>> I think we need to come up with a decision making strategy that
>>> we can live
>>> with, and get the decision made.
>
> What about first, declaring a requirements freeze. I think one of
> the reasons that discussions go around in circles is
I would like to use different IdPs for my vanity URL, blame.ca. In an
OpenID 2.0 world, I can provide either of my IdP URLs to the RP and
then select blame.ca and login.
Does this work? What having two openid.server tags suffice? How would
the RP know which delegate tag goes with which IdP?
Hey Lists
We realized in a meeting today that we had talked to some people in
the community, but had never made a formal statement.
Sxip is writing and will be releasing Java and Perl libraries for
OpenID 2.0 under an Apache license.
You should see them shortly after the spec is finished, as
On 17-Oct-06, at 3:16 PM, Recordon, David wrote:
> The nonce parameter has already been renamed to response_nonce (see
> draft 10) and I do not see the need for a request nonce within the
> protocol. See prior discussion on that.
>
> There is nothing dictating it will be an extension forever. I
I don't see there being general consensus.
I think Chris Drake was supportive of there being less disclosure as
well.
Josh said it could be any of the three, but preferred two parameters.
Brad did not really care.
I do care and would like to see direct criticism on the explanation I
wrote a
+1 to OpenID Provider.
=Drummond
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Josh Hoyt
Sent: Tuesday, October 17, 2006 11:41 AM
To: Dick Hardt
Cc: specs@openid.net
Subject: Re: Changing Terminology (was RE: IdP term in spec (was
RE:Delegation discuss
I'm also echoing what Josh has said. There has been significant
discussion on this issue and there seems to be general consensus,
excluding Sxip, that the protocol should have two parameters.
--David
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Josh
The nonce parameter has already been renamed to response_nonce (see
draft 10) and I do not see the need for a request nonce within the
protocol. See prior discussion on that.
There is nothing dictating it will be an extension forever. I don't see
it being responsible adding it to the core specif
On 17-Oct-06, at 2:30 PM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> Well, authentication is optional in the spec, so perhaps we should
>> pull that out and make it an extension?
>> In order to just do attribute exchange, we have it so that the RP can
>> decide NOT t
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> Well, authentication is optional in the spec, so perhaps we should
> pull that out and make it an extension?
> In order to just do attribute exchange, we have it so that the RP can
> decide NOT to request an identifier.
Honestly, I think that'd
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> > 2. It is explicit what is going on from an implementation and
> > specification perspective
>
> And I see the opposite. What the RP sends the IdP is just a hint.
> What the IdP sends the RP is authoritative.
> I see having two parameters as imp
I think we need to come up with a decision making strategy that we
can live
with, and get the decision made.
What about first, declaring a requirements freeze. I think one of the
reasons that discussions go around in circles is because new
requirements and use cases are being thrown at the
On 17-Oct-06, at 11:52 AM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> >> >> * Authentication Age
>> >> >> - Re-proposed today adding clarity in motivation, general
>> >> >> consensus is
>> >> >> needed to add to specification.
>> >> >
>> >> > -1
>> >
>> > There is n
On 17-Oct-06, at 11:15 AM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> > It is, and must be, the relying party's responsibility to ensure
>> that
>> > the information in the response matches what is discovered. This is
>> > true regardless when portable identifiers
On Tue, 2006-10-17 at 13:29 +1000, Chris Drake wrote:
> Now - how comfortable are you with
> the idea of letting 1.5 billion Chinese people use OpenID
Ideally we'd have the input of the SocialBrain Foundation on that.
Those are the folks who put together OpenID.cn. Has anyone on this list
talked
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> >> >> * Authentication Age
> >> >> - Re-proposed today adding clarity in motivation, general
> >> >> consensus is
> >> >> needed to add to specification.
> >> >
> >> > -1
> >
> > There is no reason for this to be in the core. I could make more
>
Hi,
Why's this proposal "depreciated" ?
( http://www.lifewiki.net/openid/OpenIDProposals )
I'm casting my vote here:
+1 to [PROPOSAL] bare response / bare request
Besides the listed uses, it also allows IdPs to layer privacy and
delegation easily on top of OpenID, as well as permitting cool fut
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> I think we should be open (pun intended) to making changes.
>
> I really like the OpenID Provider -> shortens to OP, and is very
> specific on what it does.
> I have always found IdP to be a misnomer, and have mentioned it in
> the past.
> Now we
On 17-Oct-06, at 10:30 AM, Josh Hoyt wrote:
> On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
>> Josh, would you elaborate on the reasoning behind your votes so that
>> I (and others) understand?
>
> Sure. I'll try to be brief.
Thanks!
>
>> > On 10/15/06, Recordon, David <[EMAIL PROTECTED]>
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> > It is, and must be, the relying party's responsibility to ensure that
> > the information in the response matches what is discovered. This is
> > true regardless when portable identifiers are used and when they are
> > not. It is true for all o
On 10/17/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> Josh, would you elaborate on the reasoning behind your votes so that
> I (and others) understand?
Sure. I'll try to be brief.
> > On 10/15/06, Recordon, David <[EMAIL PROTECTED]> wrote:
> >> * Request Nonce and Name
> >> - Has been partially i
http://tools.ietf.org/html/rfc2818
On 10/17/06, Johannes Ernst <[EMAIL PROTECTED]> wrote:
> I thought that, too, but couldn't find a good reference. Do you have
> a reference handy that explains this?
>
> On Oct 16, 2006, at 10:35, Grant Monroe wrote:
>
> > On 10/14/06, Dick Hardt <[EMAIL PROTECTE
Josh, would you elaborate on the reasoning behind your votes so that
I (and others) understand?
On 16-Oct-06, at 11:21 AM, Josh Hoyt wrote:
> Here are my reactions to what's outstanding:
>
> On 10/15/06, Recordon, David <[EMAIL PROTECTED]> wrote:
>> * Request Nonce and Name
>> - Has been parti
On 16-Oct-06, at 3:24 PM, Recordon, David wrote:
> And here are my votes:
>
> Request nonce and name
> * Take no action
So you are saying to NOT rename the parameter?
+1 rename nonce to response_nonce
+1 to put request_nonce in an extension for RP identity related
functionality
> Authentica
Drummond Reed wrote:
> I think you may have me mistaken for somebody else on the list (. . .)
Double-blind anonymity in action? ;)
-Hans
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
On 15-Oct-06, at 7:25 PM, Recordon, David wrote:
> Hi Chris,
> The rush is that 2.0 has been in a drafting phase for almost six
> months
> now, with draft five being posted at the end of June. While we
> certainly can continue taking the time to make everyone happy, we
> ultimately will never
On 16-Oct-06, at 11:21 AM, Josh Hoyt wrote:
>
>> * Bare Request
>> - Proposed, no discussion yet.
>
> -0 (YAGNI)
Sorry, I don't know what YAGNI means ...
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
On 13-Oct-06, at 3:43 PM, Josh Hoyt wrote:
> On 10/13/06, Marius Scurtescu <[EMAIL PROTECTED]> wrote:
>> The IdP is issuing a signed assertion about these identifiers, I
>> would assume the IdP to check the link between these identifiers.
>
> Sending two identifiers does not *prevent* the IdP fro
On 16-Oct-06, at 12:24 PM, Martin Atkins wrote:
> Chris Drake wrote:
>>
>> There seem to be a lot of people on this list who want to hate and
>> loathe the IdP, and grant all power to the RP. I do not understand
>> this reasoning: our users will select the IdP they trust and like,
>> then they
I thought that, too, but couldn't find a good reference. Do you have
a reference handy that explains this?
On Oct 16, 2006, at 10:35, Grant Monroe wrote:
On 10/14/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
Also note that URL parameters are not secured by TLS in HTTPS.
-- Dick
URL parameters
The example in section 4.1.3 does not match.
mode:error
error:This is an example message
openid.mode=error&openid.err
Should it be openid.mode:error? (Ouch!)
I think "=" instead of ":" is better.
Thanks,
/Prasanta
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
I think we should be open (pun intended) to making changes.
I really like the OpenID Provider -> shortens to OP, and is very
specific on what it does.
I have always found IdP to be a misnomer, and have mentioned it in
the past.
Now we have a great candidate, that provides more clarity, and it
Hi Drummond,
Yikes! - sorry about the misquote - very clumsy of me.
Kind Regards,
Chris Drake
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
Marius Scurtescu wrote:
>
> If ordering is not important then you are guaranteed to get it right.
> The spec could recommend alphabetical ordering, but I don't see the
> need for a must.
>
I agree.
___
specs mailing list
specs@openid.net
http://
35 matches
Mail list logo