Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

yt > Sent: Thursday, May 17, 2007 15:50 > To: Alaric Dailey > Cc: OpenID specs list > Subject: Re: Final outstanding issues with the OpenID 2.0 > Authenticationspecification > > On 5/17/07, Alaric Dailey <[EMAIL PROTECTED]> wrote: >> There are 2 issues that I would li

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

Claus Färber wrote: > Marius Scurtescu schrieb: >> The new attribute values are needed in order to signal an OpenID 2 >> provider. > > Why is this necessary? Is OpenID 2 incompatible? In other words, what > happens if an OpenID 2 Relying Party tries to talk to an OpenID 1.x > Provider? > > If

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

Marius Scurtescu schrieb: > The new attribute values are needed in order to signal an OpenID 2 > provider. Why is this necessary? Is OpenID 2 incompatible? In other words, what happens if an OpenID 2 Relying Party tries to talk to an OpenID 1.x Provider? If the OpenID 1.x Provider just ignore

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

On 5/18/07, Dmitry Shechtman <[EMAIL PROTECTED]> wrote: > > I'm sure that this will break a few implementations > > It certainly will break PHP-OpenID. Which implementation are you referring to as "PHP-OpenID"? Josh ___ specs mailing list specs@openid.n

RE: Final outstanding issues with the OpenID 2.0 Authenticationspecification

> I'm sure that this will break a few implementations It certainly will break PHP-OpenID. Regards, Dmitry =damnian ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

On 18-May-07, at 11:45 AM, Josh Hoyt wrote: > On 5/18/07, Marius Scurtescu <[EMAIL PROTECTED]> wrote: >> On 18-May-07, at 1:00 AM, Dmitry Shechtman wrote: >> In order to be backwards compatible the HTML page should have two >> sets of tags one for OpenID 1.1 and one for OpenID 2.0, both pointing >

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

On 5/18/07, Marius Scurtescu <[EMAIL PROTECTED]> wrote: > On 18-May-07, at 1:00 AM, Dmitry Shechtman wrote: > In order to be backwards compatible the HTML page should have two > sets of tags one for OpenID 1.1 and one for OpenID 2.0, both pointing > to the same OP endpoint URL. Otherwise an OpenID

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

On 18-May-07, at 1:00 AM, Dmitry Shechtman wrote: > 7.3.3. HTML-Based Discovery > > A tag MUST be included with attributes "rel" set to > openid2.provider" > and "href" set to an OP Endpoint URL > > A tag MAY be included with attributes "rel" set to > "openid2.local_id" > and "href" set to t

RE: Final outstanding issues with the OpenID 2.0 Authenticationspecification

7.3.3. HTML-Based Discovery A tag MUST be included with attributes "rel" set to openid2.provider" and "href" set to an OP Endpoint URL A tag MAY be included with attributes "rel" set to "openid2.local_id" and "href" set to the end user's OP-Local Identifier Could somebody please enlighten me

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

# Perhaps we should have explicit feature-freezes. +1 -- Jonathan Daugherty JanRain, Inc. irc.freenode.net: cygnus in #openid cygnus.myopenid.com ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

On 5/17/07, Alaric Dailey <[EMAIL PROTECTED]> wrote: > I hate to be a PITA but these issues were brought up a while ago by Eddy > Nigg and Myself. I understand, but at that time, as now, I was trying to get the spec to be finished. We've been in something of an informal feature-freeze for a while.

RE: Final outstanding issues with the OpenID 2.0 Authenticationspecification

outstanding issues with the OpenID 2.0 Authenticationspecification On 5/17/07, Alaric Dailey <[EMAIL PROTECTED]> wrote: > There are 2 issues that I would like to see addressed. > > 1. Forcing Encryption, to protect users data en-route. > 2. Validated assertions, validating certain b

Re: Final outstanding issues with the OpenID 2.0 Authenticationspecification

On 5/17/07, Alaric Dailey <[EMAIL PROTECTED]> wrote: > There are 2 issues that I would like to see addressed. > > 1. Forcing Encryption, to protect users data en-route. > 2. Validated assertions, validating certain bits of data with a third party. > > I know both of these have come up before, but

RE: Final outstanding issues with the OpenID 2.0 Authenticationspecification

There are 2 issues that I would like to see addressed. 1. Forcing Encryption, to protect users data en-route. 2. Validated assertions, validating certain bits of data with a third party. I know both of these have come up before, but have met with resistence, I would submit that with Sun and AOL

RE: Final outstanding issues with the OpenID 2.0 Authenticationspecification

I've now committed a patch to remove associations in the clear, please review commit 324. http://openid.net/svn/diff.php?repname=specifications&path=%2Fauthentica tion%2F2.0%2Ftrunk%2Fopenid-authentication.xml&rev=324&sc=1 Thanks, --David -Original Message- From: [EMAIL PROTECTED] [mailt

RE: Final outstanding issues with the OpenID 2.0 Authenticationspecification

Very good. Can you produce a draft #12 with the 'issues and resolutions' so that there is something atomic to discuss? -Hans From: [EMAIL PROTECTED] on behalf of Josh Hoyt Sent: Thu 5/17/2007 9:25 AM To: OpenID specs list Subject: RFC: Final outstanding issue