Dick Hardt wrote: >> >> But why deprecate support for redirects? I'd (still) like to see OpenID >> implementations that do support browsers without JS turned on . > > > As stated a number of times, because the payload is not big enough with > GET redirects. It is with JS POST redirects. > > OpenID 1.1 did not have a large payload. We expect the payloads to be > much larger with OpenID 2.0.
I guess the payload size will vary according to the RP and IdP implementations, no? > > We will see if the JS requirement is an issue. I do not think it is > given what I know now. Well, admittedly, if no-one except me thinks that redirects should be supported in OpenID 2.0, then I certainly expect to lose that argument ;) Cheers, - John _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs