It is probably not good form to start using URI under http://schemas.opeinid.net
without permission.
Brenno and I are putting together a WG proposal for a registry of such
things including AX attributes.
We can put them in xrdstype.net but that is more informational than
official.
I don
On 1-Jul-09, at 5:21 PM, Breno de Medeiros wrote:
Even much easier is to define a that can be discovered in
the XRDS document, and requires no changes to AX libraries.
On Jul 1, 2009, at 10:13 PM, John Bradley wrote:
I think we agree. It is another URL for the registry:)
OK, what should
Breno,
I think we agree. It is another URL for the registry:)
We just need to get some OP's to modify there RP discovery to support
it.
I know Andrew Arnott supports the idea so he will likely implement it
in DotNetOpenAuth.
If Google and some of the others go along it should be proble
Even much easier is to define a that can be discovered in the XRDS
document, and requires no changes to AX libraries.
On Tue, Jun 30, 2009 at 12:41 PM, John Bradley wrote:
> One way would be for the library authors to include it without a approved
> standard as it doesn't break anything.
>
-
27;t break anything.
We just need to pick a type and do it.
John B.
On 30-Jun-09, at 3:00 PM, specs-requ...@openid.net wrote:
Date: Mon, 29 Jun 2009 15:21:37 -0500
From: Joseph A Holsten
Subject: Re: SREG's Privacy Policy URL
To: specs@openid.net
Message-ID: <23b9be0b-ee67-4
On Jun 3, 2009, at 12:56 AM, Chris Messina wrote:
Instead (and our WG process is really effed here), perhaps we should
have a Policy Expression Extension (acronym pending) so that we
could express things like this:
xri://$xrds*simple
http://schemas.openid.net/policies/privacy
http://exa
+1 for making it discoverable.
I worry about passing privacy policies in (unsigned) requests. Much better
to have it discoverable from well-known-locations (hopefully using XRD 1.0
which has a less invasive approach to well-known-locations than Yadis).
On Tue, Jun 2, 2009 at 11:11 PM, Santosh Raj
make something like
this available quickly for those that want a lightweight solution for
the missing AX functionality.
John B.
On 3-Jun-09, at 6:26 AM, specs-requ...@openid.net wrote:
Date: Tue, 2 Jun 2009 22:56:27 -0700
From: Chris Messina
Subject: Re: SREG's Privacy Policy URL
Chris Messina wrote:
>
>
> I also think that RP discovery makes a lot of sense, and that really this
> stuff should all live in /host-meta.
>
>
Yes I think so too.
-
Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com
--
View this message in context:
http://w
I worry a little about dumping this into the UX extension, because it's not
the logical place to look for it.
Instead (and our WG process is really effed here), perhaps we should have a
Policy Expression Extension (acronym pending) so that we could express
things like this:
xri://$xrds*simple
+1 RP discovery. If something is likely to persist beyond the active request,
then it shouldn't be in the request necessarily.
RP discovery would allow, for instance, an OP to show a page of all RPs a user
has connected to, and links to their respective privacy policies. They can
model the OP a
Would internationalizing entail the OP getting the URL for the RP's
privacy policy in the right language?
If so, why not just have one URL and let the RP detect the user
agent's preferred language? (Yes, I know the UI extension has this
for the reason that the user agent isn't properly configu
st
start publishing it.
It isn't like we haven't done that in the past. SREG was never
adopted as a standard.
John B.
On 2-Jun-09, at 2:28 PM, specs-requ...@openid.net wrote:
Date: Tue, 2 Jun 2009 11:27:44 -0700
From: Andrew Arnott
Subject: Re: SREG's Privacy Policy U
Whether we go for passing a parameter or not, I like the idea of (also)
having RP discovery offer a URL as well so that unsolicited assertions from
OPs can show the privacy policy to the user.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to
The internationalization problem is one of the reasons why it might make
more sense for the privacy policy url to be passed in as a parameter by
the RP. The RP already is passing the user's language to the OP as part
of the UI extension, so we could just make this an additional parameter.
Alte
.
John B.
On 2-Jun-09, at 1:56 PM, specs-requ...@openid.net wrote:
Date: Tue, 02 Jun 2009 10:55:55 -0700
From: Allen Tom
Subject: Re: SREG's Privacy Policy URL
To: Luke Shepard , "specs@openid.net"
Message-ID: <4a2567ab.10...@yahoo-inc.com>
Content-Type:
Would internationalizing entail the OP getting the URL for the RP's privacy
policy in the right language?
If so, why not just have one URL and let the RP detect the user agent's
preferred language? (Yes, I know the UI extension has this for the reason
that the user agent isn't properly configured,
Is there a way this can be internationalized?
On Jun 2, 2009, at 11:14, Allen Tom wrote:
OK, how about if we define a new Privacy Policy for RPs to
include in their XRDS, with a link to their privacy policy?
So the RP would just include the following snippet in its discovery
document, dis
I like this idea best.
UI spec, and a future version of the AX spec can mention this.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre
On Tue, Jun 2, 2009 at 11:14 AM, Allen Tom wrote:
> OK, how about if we d
OK, how about if we define a new Privacy Policy for RPs to
include in their XRDS, with a link to their privacy policy?
So the RP would just include the following snippet in its discovery
document, discoverable under its realm:
http://specs.openid.net/path/to/privacy/policy
http://www.rely
I think for a short-term solution we'd need to define service "types"
for the privacy policy and TOS for XRDS.
For the long-term, the same could potentially be used as "rel" values in
the XRD markup. The XRD spec is solidifying but is not 100% stable.
I think we should have a discovery option
Hi All,
The Simple Registration Extension provides an interface for the RP to
pass the OP a link to the RP's privacy policy in the authentication
request. According to the SREG spec, OPs SHOULD display this URL to the
End User if it is given.
http://openid.net/specs/openid-simple-registratio
22 matches
Mail list logo
