Behavior needs to be specified before it can be recommended. So the spec MUST specify how to deal with the multiple parameters before it can set the use thereof as NOT RECOMMENDED.
Hans > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Recordon, David > Sent: Wednesday, September 27, 2006 1:13 PM > To: Josh Hoyt; Marius Scurtescu; Brad Fitzpatrick > Cc: specs@openid.net > Subject: RE: Request for comments: Sorting fields in > signature generation-Call for votes > > I don't think multiple parameters with the same name should > be completely disallowed, rather that section 7.1 should > strongly discourage their use. I agree that from the core > authentication standpoint they aren't needed today, though do > understand that in the future there may be a compelling use > case for them. I believe the simplicity that is offered from > not supporting them out weighs the benefit of form handling > with existing forms. > > So +1 to tightening up section 7.1, but -1 to it specifically > allowing multiple parameters with the same name. I believe > the wording should be such that it is "strongly NOT > RECOMMENDED that extensions to OpenID Authentication utilize > GET or POST parameters with the same name". > > Brad, thoughts? > > --David > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Josh Hoyt > Sent: Wednesday, September 27, 2006 12:20 PM > To: Marius Scurtescu > Cc: specs@openid.net > Subject: Re: Request for comments: Sorting fields in > signature generation -Call for votes > > On 9/27/06, Marius Scurtescu <[EMAIL PROTECTED]> wrote: > > please keep in mind that we are not asking for some fancy new > > technology or feature, just conformance with a very basic an wide > > spread convention of handling parameters in HTTP/HTML. > > As Kevin pointed out, we are not working on the HTTP/HTML > form processing specification. We are working on an > authentication protocol. > Restricting the protocol to forbid multiple parameters with > the same name does not break conformance with anything. > > I think that we have discussed the majority of the technical > issues regarding multiple parameters with the same name. I > could respond to your individual points, but I don't think > that would get us any closer to agreement. > > Can we get +1/-1 on multiple parameters with the same name > from people without @sxip.com or @janrain.com e-mail addresses? > > Clearly, we (JanRain) are -1. > > Josh > _______________________________________________ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs > > _______________________________________________ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs > > _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
