used ; HTML is case-insensitive so
is ok; XHTML is case-sensitive so is not acceptable.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh Hoyt
Sent: Wednesday, 31 January 2007 12:50 PM
To: Recordon, David
Cc: specs@openid.net
Subject: Re: DRAFT 11
On 1/31/07, Recordon, David <[EMAIL PROTECTED]> wrote:
> I'm happy changing it from "AJAX". I think it was originally used since
> AJAX is a bit overloaded already and people normally understand the
> "flashy non-reloading" sort of thing when saying it.
I suppose some people might, but for a deve
L PROTECTED] On
Behalf Of Rowan Kerr
Sent: Wednesday, January 31, 2007 12:50 PM
To: specs@openid.net
Subject: Re: DRAFT 11 -> FINAL?
On 1/31/07, Martin Atkins <[EMAIL PROTECTED]> wrote:
> I think the spec is misusing the AJAX abbreviation a bit here, since
> the usual approach to doin
On 1/31/07, Martin Atkins <[EMAIL PROTECTED]> wrote:
> I think the spec is misusing the AJAX abbreviation a bit here, since the
> usual approach to doing this doesn't involve XMLHttpRequest at all, but
> instead works something like this:
*snip*
Yeah I've implemented a pure javascript demo this w
On 1/30/07, Josh Hoyt <[EMAIL PROTECTED]> wrote:
*snip*
> While it is true that since the link relationship names changed, the
> "openid2" is technically redundant, I think it is much clearer to
> everybody what is going on if the link relationship contains the
> version number. If the protocol ver
Rowan Kerr wrote:
>
> Also, the spec mentions AJAX interactions, but I don't see how you can
> actually use AJAX with OpenID, since none of the responses are in XML
> format .. it relies entirely on GET or POST redirection, not to
> mention that you have to make cross-domain requests which
> XmlHt
On 1/30/07, Recordon, David <[EMAIL PROTECTED]> wrote:
> Yeah, I'm not a big fan of openid2.* though it was the simplest method
> of fixing up HTML discovery to work with multiple protocol versions. I
> know Josh thought about this more than I did though.
1. Before authentication is initiated, th
then OpenID's checkid_immediate between the server and OP,
with an AJAX response from your server to application.
--David
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Rowan Kerr
Sent: Tuesday, January 30, 2007 2:02 PM
To: specs@openid.net
Subject: Re:
The openid2.* links bug me a little.. but due to no openid.ns being
defined in the 1.x protocol, maybe there is no other way to specify by
HTML discovery that your OP is 2.0 capable. Would it be bad to have a
openid.version link instead?
Also, the spec mentions AJAX interactions, but I don't see h
Färber
Sent: Saturday, January 20, 2007 10:15 AM
To: specs@openid.net
Subject: Re: DRAFT 11 -> FINAL?
Dick Hardt <[EMAIL PROTECTED]> schrieb/wrote:
> Are there any more issues with this specification:
> http://openid.net/specs/openid-authentication-2_0-11.html
> Can we
Martin Atkins schrieb:
> Since your list is long, I'm only going to address things I have an
>> | 7.3.3. HTML-Based Discovery
> In practice, few implementations actually use an HTML parser to find
> these elements. These extra restrictions are present to facilitate
> regex-based parsing.
Yes,
Since your list is long, I'm only going to address things I have an
answer to. I'll leave the rest to other people. :)
Claus Färber wrote:
> -
> | 4.1.1. Key-Value Form Encoding
> |
> | A message in Key-Value form is a sequence of lines. Each line begins
> | with a key, followed by a colon,
Dick Hardt <[EMAIL PROTECTED]> schrieb/wrote:
> Are there any more issues with this specification:
> http://openid.net/specs/openid-authentication-2_0-11.html
> Can we make this final?
Ok, here are the problems I found during a quick review:
-
| 4.1.1. Key-Value Form Encoding
|
| A me
nd, and I are tackling this afternoon, and then we'll
> publish draft 11.
>
> Thanks,
> --David
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Dick Hardt
> Sent: Thursday, January 18, 2007 3:45 PM
> To: specs@open
s@openid.net
Subject: DRAFT 11 -> FINAL?
Hey List
To deal with the recent security concern postings about OpenID, language
was added to clarify a secure channel is needed between the OP and the
end-user's machine.
Are there any more issues with this specification:
http://openid.net/spe
Hey List
To deal with the recent security concern postings about OpenID,
language was added to clarify a secure channel is needed between the
OP and the end-user's machine.
Are there any more issues with this specification:
http://openid.net/specs/openid-authentication-2_0-11.html
C
16 matches
Mail list logo