: Wednesday, 17 October 2007 12:59 PM
To: 'specs@openid.net'
Subject: [OpenID] identify RP when it gets OpenID URL
It can be useful to know who the Relying Party (RP) is during the discovery
phase. That is, the RP should state their identify when they are looking up a
user’s OpenID URL (Claimed Identifier
:36 PM
To: Manger, James H
Cc: specs@openid.net
Subject: Re: [OpenID] identify RP when it gets OpenID URL
Wouldn't User-Agent: be equivalent, and have prior art (feed readers such as
Bloglines identify themselves via User-Agent)?
Manger, James H wrote:
…
“The Relying Party MUST include
On 17/10/2007, Manger, James H [EMAIL PROTECTED] wrote:
Other solutions:
OPs can offer different authentication mechanisms based on the
openid.return_to or openid.realm parameter in an authentication request.
However, the user has less flexibility when they have to relying on OPs.
If the
On 16-Oct-07, at 7:58 PM, Manger, James H wrote:
Use case: Alice wants to use different OPs for different RPs, while
keeping the same URL (eg http://alice.example.net/). For instance,
when logging into a service hosting her backups she wants to use an
OP that requires a one-time
'
Subject: [OpenID] identify RP when it gets OpenID URL
…
Add the following paragraph at the end of section 7.3 Discovery:
“The Relying Party MUST include a From HTTP header field in each HTTP request
made during discovery. The From field holds an email address for the RP (eg
From: [EMAIL PROTECTED
It can be useful to know who the Relying Party (RP) is during the discovery
phase. That is, the RP should state their identify when they are looking up a
user’s OpenID URL (Claimed Identifier).
Use case: Alice wants to use different OPs for different RPs, while keeping the
same URL (eg
