On Oct 13, 2006, at 12:59, Drummond Reed wrote:
1) If the RP sends the IdP-specific identifier, the RP must keep state to
maintain mapping to the portable identifier (bad), and

I agree, but I'm not sure that this is a big issue. Won't a simple cookie be sufficient?


Johannes Ernst
NetMesh Inc.

GIF image

 http://netmesh.info/jernst




_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Reply via email to