On Oct 13, 2006, at 12:59, Drummond Reed wrote:
1) If the RP sends the IdP-specific identifier, the RP must keep state tomaintain mapping to the portable identifier (bad), and
I agree, but I'm not sure that this is a big issue. Won't a simple cookie be sufficient?
Johannes Ernst NetMesh Inc.
_______________________________________________ specs mailing list firstname.lastname@example.org http://openid.net/mailman/listinfo/specs