RE: [OpenID] identify RP when it gets OpenID URL

2007-10-23 Thread Manger, James H
: Wednesday, 17 October 2007 12:59 PM To: 'specs@openid.net' Subject: [OpenID] identify RP when it gets OpenID URL It can be useful to know who the Relying Party (RP) is during the discovery phase. That is, the RP should state their identify when they are looking up a user’s OpenID URL (Claimed Identifier

RE: [OpenID] identify RP when it gets OpenID URL

2007-10-17 Thread Manger, James H
:36 PM To: Manger, James H Cc: specs@openid.net Subject: Re: [OpenID] identify RP when it gets OpenID URL Wouldn't User-Agent: be equivalent, and have prior art (feed readers such as Bloglines identify themselves via User-Agent)? Manger, James H wrote: … “The Relying Party MUST include

Re: [OpenID] identify RP when it gets OpenID URL

2007-10-17 Thread James Henstridge
On 17/10/2007, Manger, James H [EMAIL PROTECTED] wrote: Other solutions: OPs can offer different authentication mechanisms based on the openid.return_to or openid.realm parameter in an authentication request. However, the user has less flexibility when they have to relying on OPs. If the

Re: [OpenID] identify RP when it gets OpenID URL

2007-10-17 Thread Johnny Bufu
On 16-Oct-07, at 7:58 PM, Manger, James H wrote: Use case: Alice wants to use different OPs for different RPs, while keeping the same URL (eg http://alice.example.net/). For instance, when logging into a service hosting her backups she wants to use an OP that requires a one-time

RE: [OpenID] identify RP when it gets OpenID URL

2007-10-17 Thread Manger, James H
' Subject: [OpenID] identify RP when it gets OpenID URL … Add the following paragraph at the end of section 7.3 Discovery: “The Relying Party MUST include a From HTTP header field in each HTTP request made during discovery. The From field holds an email address for the RP (eg From: [EMAIL PROTECTED

[OpenID] identify RP when it gets OpenID URL

2007-10-16 Thread Manger, James H
It can be useful to know who the Relying Party (RP) is during the discovery phase. That is, the RP should state their identify when they are looking up a user’s OpenID URL (Claimed Identifier). Use case: Alice wants to use different OPs for different RPs, while keeping the same URL (eg