RE: DRAFT 11 -> FINAL? openid2

2007-01-31 Thread Manger, James H
used ; HTML is case-insensitive so is ok; XHTML is case-sensitive so is not acceptable. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh Hoyt Sent: Wednesday, 31 January 2007 12:50 PM To: Recordon, David Cc: specs@openid.net Subject: Re: DRAFT 11

Re: DRAFT 11 -> FINAL?

2007-01-31 Thread Rowan Kerr
On 1/31/07, Recordon, David <[EMAIL PROTECTED]> wrote: > I'm happy changing it from "AJAX". I think it was originally used since > AJAX is a bit overloaded already and people normally understand the > "flashy non-reloading" sort of thing when saying it. I suppose some people might, but for a deve

RE: DRAFT 11 -> FINAL?

2007-01-31 Thread Recordon, David
L PROTECTED] On Behalf Of Rowan Kerr Sent: Wednesday, January 31, 2007 12:50 PM To: specs@openid.net Subject: Re: DRAFT 11 -> FINAL? On 1/31/07, Martin Atkins <[EMAIL PROTECTED]> wrote: > I think the spec is misusing the AJAX abbreviation a bit here, since > the usual approach to doin

Re: DRAFT 11 -> FINAL?

2007-01-31 Thread Rowan Kerr
On 1/31/07, Martin Atkins <[EMAIL PROTECTED]> wrote: > I think the spec is misusing the AJAX abbreviation a bit here, since the > usual approach to doing this doesn't involve XMLHttpRequest at all, but > instead works something like this: *snip* Yeah I've implemented a pure javascript demo this w

Re: DRAFT 11 -> FINAL?

2007-01-31 Thread Rowan Kerr
On 1/30/07, Josh Hoyt <[EMAIL PROTECTED]> wrote: *snip* > While it is true that since the link relationship names changed, the > "openid2" is technically redundant, I think it is much clearer to > everybody what is going on if the link relationship contains the > version number. If the protocol ver

Re: DRAFT 11 -> FINAL?

2007-01-31 Thread Martin Atkins
Rowan Kerr wrote: > > Also, the spec mentions AJAX interactions, but I don't see how you can > actually use AJAX with OpenID, since none of the responses are in XML > format .. it relies entirely on GET or POST redirection, not to > mention that you have to make cross-domain requests which > XmlHt

Re: DRAFT 11 -> FINAL?

2007-01-30 Thread Josh Hoyt
On 1/30/07, Recordon, David <[EMAIL PROTECTED]> wrote: > Yeah, I'm not a big fan of openid2.* though it was the simplest method > of fixing up HTML discovery to work with multiple protocol versions. I > know Josh thought about this more than I did though. 1. Before authentication is initiated, th

RE: DRAFT 11 -> FINAL?

2007-01-30 Thread Recordon, David
then OpenID's checkid_immediate between the server and OP, with an AJAX response from your server to application. --David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rowan Kerr Sent: Tuesday, January 30, 2007 2:02 PM To: specs@openid.net Subject: Re:

Re: DRAFT 11 -> FINAL?

2007-01-30 Thread Rowan Kerr
The openid2.* links bug me a little.. but due to no openid.ns being defined in the 1.x protocol, maybe there is no other way to specify by HTML discovery that your OP is 2.0 capable. Would it be bad to have a openid.version link instead? Also, the spec mentions AJAX interactions, but I don't see h

RE: DRAFT 11 -> FINAL?

2007-01-30 Thread Recordon, David
Färber Sent: Saturday, January 20, 2007 10:15 AM To: specs@openid.net Subject: Re: DRAFT 11 -> FINAL? Dick Hardt <[EMAIL PROTECTED]> schrieb/wrote: > Are there any more issues with this specification: > http://openid.net/specs/openid-authentication-2_0-11.html > Can we

HTML parsing in HTML-based discovery (was: DRAFT 11 -> FINAL?)

2007-01-26 Thread Claus Färber
Martin Atkins schrieb: > Since your list is long, I'm only going to address things I have an >> | 7.3.3. HTML-Based Discovery > In practice, few implementations actually use an HTML parser to find > these elements. These extra restrictions are present to facilitate > regex-based parsing. Yes,

Re: DRAFT 11 -> FINAL?

2007-01-25 Thread Martin Atkins
Since your list is long, I'm only going to address things I have an answer to. I'll leave the rest to other people. :) Claus Färber wrote: > - > | 4.1.1. Key-Value Form Encoding > | > | A message in Key-Value form is a sequence of lines. Each line begins > | with a key, followed by a colon,

Re: DRAFT 11 -> FINAL?

2007-01-25 Thread Claus Färber
Dick Hardt <[EMAIL PROTECTED]> schrieb/wrote: > Are there any more issues with this specification: > http://openid.net/specs/openid-authentication-2_0-11.html > Can we make this final? Ok, here are the problems I found during a quick review: - | 4.1.1. Key-Value Form Encoding | | A me

Re: DRAFT 11 -> FINAL?

2007-01-18 Thread Dick Hardt
nd, and I are tackling this afternoon, and then we'll > publish draft 11. > > Thanks, > --David > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Dick Hardt > Sent: Thursday, January 18, 2007 3:45 PM > To: specs@open

RE: DRAFT 11 -> FINAL?

2007-01-18 Thread Recordon, David
s@openid.net Subject: DRAFT 11 -> FINAL? Hey List To deal with the recent security concern postings about OpenID, language was added to clarify a secure channel is needed between the OP and the end-user's machine. Are there any more issues with this specification: http://openid.net/spe

DRAFT 11 -> FINAL?

2007-01-18 Thread Dick Hardt
Hey List To deal with the recent security concern postings about OpenID, language was added to clarify a secure channel is needed between the OP and the end-user's machine. Are there any more issues with this specification: http://openid.net/specs/openid-authentication-2_0-11.html C