Re: Question on Association Secrets

[Kevin Turner]

On Mon, 2008-03-10 at 11:27 +0100, Oliver Welter wrote:
> 1) Is an individual session dedicated to an Identifier/OP Combo, or is a 
> secret/session used for different Identifiers which are served by the 
> same OP?

Associations are for a pair of (RP, OP), usable for any communication
between them regardless of identifier.

> 2) Is support of "No-Encryption over TLS" mandatory for each RP?

An RP that does not work when asked to communicate with an HTTPS
endpoint does not have a fully compliant installation of the protocol.
However, there do exist a number of these installations in the wild.


___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Re: [OpenID] Problems with OpenID and TAG httpRange-14

[Noah Slater]

On Mon, Mar 10, 2008 at 10:46:38AM -0700, Drummond Reed wrote:
> It doesn't mean it won't get "looked at" or discussed here. However any
> formal changes to the specifications must wait until these WGs are started.

Great.

> I'll bring it up at the next OpenID Foundation board meeting (this Thursday)
> so board members are aware of this issue.

Thank you, I really appreciate your efforts.

I will stick around on this list and wait for any potential updates.

Thanks again.

--
Noah Slater 
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs