On 3-Jun-07, at 2:14 AM, Recordon, David wrote: >> Overall, I'm not sure we are ready in this community to pick one >> alternative over another as "the standards". I have my views, >> (many) others have (many) others -- and I don't think that any >> of this has to be in an Authentication 1.x (x>1) or 2.0 spec, >> whatever it will be. This seems like a clean add-on. > > I also agree with Johannes here. I'd like to see this written as an > extension so that if the first approach doesn't work, the Auth spec > itself doesn't have to be "reverted. Rather we can finish 2.0 and try > implementing different approaches before deciding on the final way to > solve this problem.
I don't see how we can solve this problem as an extension as we need the RP to know that a memorable identifier has some extra info that makes it unique when reused. This is core to OpenID. -- Dick _______________________________________________ specs mailing list email@example.com http://openid.net/mailman/listinfo/specs