On 28-Sep-06, at 2:57 PM, Josh Hoyt wrote: > On 9/27/06, Dick Hardt <[EMAIL PROTECTED]> wrote: >> Additionally, as we have researched what is contained in registration >> forms, this use case does not look like it will be that common. Many >> forms have some site specific data, and I am now thinking that this >> is not a very useful feature. > > I'm glad that we're in agreement on this.
:-) > >> wrt. passthrough data >> >> Many sites preserve state between forms with hidden values. Given >> that registration on a site will likely ask the user for some site >> specific data, some sites will likely be maintaining state through >> hidden fields, and it will be easier for them to integrate OpenID if >> the RP can send values that it gets back later on. Given this is not >> explicitly in the spec, we can write it up. Would welcome feedback on >> passthrough data. > > This model is only necessary for sites that do not support > sessions, right? Depends on what you mean by sessions. High availability sites work hard to be stateless and that all state is in each request, either as a cookie, in the URL or as POST data. _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
