Note that it primarily a limit of the OP, in which case the user does the same thing all the time as they are using the same OP everywhere.
-- Dick On 16-Nov-07, at 11:07 AM, Bradescu, Roxana wrote: > It's unfortunate that users have to know which version of the protocol > sites are running to know what they can type into the login box. > > Roxana Bradescu | VeriSign Innovation > > > -----Original Message----- > From: Johnny Bufu [mailto:[EMAIL PROTECTED] > Sent: Friday, November 16, 2007 10:07 AM > To: Bradescu, Roxana > Cc: [EMAIL PROTECTED]; Trevor Johns; [email protected] > Subject: Re: [security] Validating openid.identity in > authenticationresponses > > > On 16-Nov-07, at 9:39 AM, Bradescu, Roxana wrote: >> David, I've noticed the use case you describe doesn't actually work >> at a >> many RP's. For example if I go to livejournal.com and just put in >> just >> my IDP pip.verisignlabs.com I get an error. > > Directed identity is a 2.0 feature, while livejounal seems to be > speaking only 1.x. > > > Johnny > > _______________________________________________ > security mailing list > [email protected] > http://openid.net/mailman/listinfo/security > > _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
