If these four issues are resolved, can we call the OpenID 2.0
Authentication specification done? Speak up if you have any other
show-stoppers.
Josh
Yesterday, Dmitry and I had a long talk about browser support for
OpenID. I think it is consensus between us two to state, that there
are lots
Josh Hoyt wrote:
If these four issues are resolved, can we call the OpenID 2.0
Authentication specification done? Speak up if you have any other
show-stoppers.
Josh
I hate to speak up last minute, but I was at a few tech conferences in
the past month or two, and spoke with lots of
As a relative newcomer to the OpenID community, I realize this may have
been debated endlessly already, and I may just be shouted down.
It definitely has been debated endlessly.
Or am I alone here?
No, you aren't. There are many who agree with this entirely, some of whom
have expressed their
Hans:
Thank you for your comments. I agree with you that not vulnerable to
*this* man in the middle attack is more accurate.
Regards,
Guoping
-Original Message-
From: Granqvist, Hans [mailto:[EMAIL PROTECTED]
Sent: Friday, May 18, 2007 10:14 AM
To: Guoping Liu; OpenID specs list
On 18-May-07, at 1:00 AM, Dmitry Shechtman wrote:
7.3.3. HTML-Based Discovery
A LINK tag MUST be included with attributes rel set to
openid2.provider
and href set to an OP Endpoint URL
A LINK tag MAY be included with attributes rel set to
openid2.local_id
and href set to the end
On 18-May-07, at 11:09 AM, Recordon, David wrote:
Hey Marius,
Good point, committed a patch so please review! :)
http://openid.net/svn/diff.php?repname=specificationspath=%
2Fauthentica
tion%2F2.0%2Ftrunk%2Fopenid-authentication.xmlrev=325sc=1
That was fast :-)
Looks good, but I would add
On 5/18/07, Marius Scurtescu [EMAIL PROTECTED] wrote:
On 18-May-07, at 1:00 AM, Dmitry Shechtman wrote:
In order to be backwards compatible the HTML page should have two
sets of tags one for OpenID 1.1 and one for OpenID 2.0, both pointing
to the same OP endpoint URL. Otherwise an OpenID 1.1
On 18-May-07, at 11:45 AM, Josh Hoyt wrote:
On 5/18/07, Marius Scurtescu [EMAIL PROTECTED] wrote:
On 18-May-07, at 1:00 AM, Dmitry Shechtman wrote:
In order to be backwards compatible the HTML page should have two
sets of tags one for OpenID 1.1 and one for OpenID 2.0, both pointing
to the
David,
On 18-May-07, at 11:09 AM, Recordon, David wrote:
Hey Marius,
Good point, committed a patch so please review! :)
On 18-May-07, at 11:08 AM, [EMAIL PROTECTED] wrote:
+ t
+ As discussed in the xref
+target=compat_modeOpenID Authentication 1.1
+
On 5/18/07, Dmitry Shechtman [EMAIL PROTECTED] wrote:
I'm sure that this will break a few implementations
It certainly will break PHP-OpenID.
Which implementation are you referring to as PHP-OpenID?
Josh
___
specs mailing list
specs@openid.net
Don,
On 5/18/07, Don MacAskill [EMAIL PROTECTED] wrote:
My company, SmugMug, is an OpenID provider for hundreds of thousands of
high value paying accounts, and will shortly be a consumer as well.
I'll freely admit that I haven't fully digested 2.0's pre-spec, but at
least part of that reason
If these four issues are resolved, can we call the OpenID 2.0
Authentication specification done? Speak up if you have any other
show-stoppers.
I'd like to know WHERE to publish the below mentioned XRDS Document
in 2_0-11 TOC 14.
7.3.3 in draft 11 says
The openid2.provider and openid2.local_id URLs MUST NOT include entities
other than amp;, lt;, gt;, and quot;. Other characters that would
not be valid in the HTML document or that cannot be represented in the
document's character encoding MUST be escaped using the
So I'd like my employer (for discussion purposes, The Great
Plumbers Association, http://plumbers.co) to act as an OpenID
OP. I want all our plumber members to use the same OP URL
for OpenID authentication, let's say https://id.plumbers.co/
So the RP doesn't try XRI Resolution, and Yadis fails
On 18-May-07, at 2:19 PM, Peter Watkins wrote:
[...]
Would we put the OP-Local Identifier in both openid.claimed_id *and*
openid.identity?
The user/OP can choose to send the local_id as the claimed
identifier, or any other claimed identifier that delegates to the
local_id sent as
15 matches
Mail list logo