On 6/5/07, Drummond Reed <[EMAIL PROTECTED]> wrote:
> I supposed this doesn't apply to large sites, where all identifiers are
> managed "in trust" for users and they can enforce non-access to previous
> fragments. But for personal URLs it doesn't appear to work at all. Am I
> missing anything?

Enabling recycling for large sites that control their own identifiers
was the use case that was declared mandatory to cover for the OpenID
2.0 specification. I would personally like to have a solution that
protects identifiers without a central manager, but that is not the
case that is holding up OpenID 2.0.

specs mailing list

Reply via email to