Allowing sites to renew information

2006-09-26 Thread Gervase Markham
Having watched a Simon Willison presentation on OpenID, I had the following idea, which I present for your consideration: If you log in to a site using OpenID, and it requests access to your information (e.g. postcode) using the Simple Registration Extension, and you grant it, then it should be

Re: Request for comments: Sorting fields in signature generation

2006-09-26 Thread Josh Hoyt
On 9/26/06, Barry Ferg [EMAIL PROTECTED] wrote: The signature generation algorithm specifies that the fields to be signed be ordered in byte order form. It seems to be implied that the ordering is based on using the field names as sorting keys I think the real topic of this discussion is

Re: Allowing sites to renew information

2006-09-26 Thread Barry Ferg
Good point David, I was referring to school of thought #1. #2 should certainly be possible with AX as well. On 26-Sep-06, at 3:58 PM, Recordon, David wrote: I think that is slightly different from what Gerv was referring to. With Simple Registration, there is nothing stopping a relying

RE: Request for comments: Sorting fields in signature generation

2006-09-26 Thread Granqvist, Hans
Well, then +1 to disallowing such multiplicity! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh Hoyt Sent: Tuesday, September 26, 2006 4:15 PM To: Granqvist, Hans Cc: Barry Ferg; specs@openid.net Subject: Re: Request for comments: Sorting

Re: Request for comments: Sorting fields in signature generation

2006-09-26 Thread Josh Hoyt
On 9/26/06, Marius Scurtescu [EMAIL PROTECTED] wrote: Pass-through parameters are *not part of any OpenID specification.* They are not, but in order to be able to pass them through you have to be able to deal with them. Also, you may have to sign them as well. No one has written a proposal