On 19-Oct-06, at 10:24 AM, Martin Atkins wrote: > Dick Hardt wrote: >> >> Agreed that it is desirable to have multiple RP endpoints for an RP. >> Does openid.realm then uniquely identify an RP? ie. no other RP will >> use the same Realm? >> > > I'd say that if two endpoints are within the same realm that they > are by > definition part of the same RP. > > This does raise the question of what to do when one realm exists > inside > another, but I suppose the most obvious answer is to select the most > specific of the available options — that is, the one with the least > "wildcardy-ness"[1]. Someone probably should define precisely how the > specificity of realms works if it isn't in the spec already.
This goes back to the original question I had: how does the IdP uniquely identify the RP. I guess if the realm string is different, then it is a different RP, even if one is contained in another. The issue here is that realm is an overloaded parameter. It is being presented to the user for the user to decide if it wants to IdP to provide similar results to any RP return_to that matches the wildcard. It is also being used by the IdP to uniquely identify the RP. > > > > [1] Now *that* is a good word! I like it! _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
