know when it's fixed.
Thanks
Allen
Luke Shepard wrote:
Hi-
I've noticed an ambiguity with the way URLs are handled that exists in the
current spec. I'm hoping we can resolve it for OpenID 2.1.
When we move the OpenID transaction into a popup window, we need a way for the
popup
:
On Wed, Mar 25, 2009 at 3:33 AM, Luke Shepard lshep...@facebook.com
wrote:
One crude way to do it would be to have the caller specify that they want
the return_to args simply appended instead of integrated into the URL-
perhaps an argument like openid.append_return_to_params=true. But that
sounds
Agreed. If all you want is a group, then I'd think that the response would just
not include an identifier.
You could use an extension, perhaps AX, to request information about the group
a user belongs to.
For example, if you wanted to understand company membership, you could request
and
As I suggested, an OP may want to give an updated session via
checkid-immediate. Facebook Connect does this, and it seems like a legit use
case to me.
From: Andrew Arnott andrewarn...@gmail.com
To: Allen Tom a...@yahoo-inc.com
Cc: Luke Shepard; OpenID Specs
both HTTP and HTTPS the best practice would be to always use
the https: version for realm so that RP discovery cant be spoofed via DNS.
Regards
John B.
On 13-May-09, at 2:10 AM, specs-requ...@openid.net wrote:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
. If they are
based on the realm as people are discussing, introducing wildcards etc
introduces the question of realm normalization on that side.
John Bradley
On 14-May-09, at 11:25 AM, Luke Shepard wrote:
So, RP delegation sounds like a very general solution to the problem, and seems
okay to push