It's unfortunate that users have to know which version of the protocol sites are running to know what they can type into the login box.
Roxana Bradescu | VeriSign Innovation -----Original Message----- From: Johnny Bufu [mailto:[EMAIL PROTECTED] Sent: Friday, November 16, 2007 10:07 AM To: Bradescu, Roxana Cc: [EMAIL PROTECTED]; Trevor Johns; [email protected] Subject: Re: [security] Validating openid.identity in authenticationresponses On 16-Nov-07, at 9:39 AM, Bradescu, Roxana wrote: > David, I've noticed the use case you describe doesn't actually work > at a > many RP's. For example if I go to livejournal.com and just put in just > my IDP pip.verisignlabs.com I get an error. Directed identity is a 2.0 feature, while livejounal seems to be speaking only 1.x. Johnny _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
