Hi Chris Would you clarify these IdP initiated scenarios?
I envisioned that an IdP learned of an RP from the user have an initial interaction with the RP. The IdP would then save the RP URL for later use in case the user wanted to go back to the RP directly from the IdP. -- Dick On 15-Oct-06, at 10:30 AM, Chris Drake wrote: > Hi Drummond, > > Don't forget we'll need some way for an IdP to discover the return_to > URL from an RP in the IdP-initiated scenarios (I'd suggest a META or > LINK tag in the web page that the RP displays for accepting a login, > so an IdP (or browser plugin agent!) can "discover" this by parsing > the referrer page directly. There's a lot of anti-phishing work > taking place right now: such a scheme would allow OpenID instant > access to these new standards too.) > > Kind Regards, > Chris Drake > > > Monday, October 16, 2006, 2:59:12 AM, you wrote: > > DR> +1. All of the "defined algorithms for obtaining the XRDS > document" from > DR> either a URL or XRI will be going into Working Draft 11 of XRI > Resolution > DR> 2.0 starting this week. So it seems all the OpenID > Authentication 2.0 spec > DR> needs to specify is that they work against the return_to URL. > > DR> =Drummond > > DR> -----Original Message----- > DR> From: [EMAIL PROTECTED] > DR> [mailto:[EMAIL PROTECTED] On Behalf > DR> Of Johannes Ernst > DR> Sent: Sunday, October 15, 2006 12:00 AM > DR> To: specs@openid.net > DR> Subject: Re: Discussion: RP Yadis URL? > > DR> Yes. Or any of the other defined algorithms for obtaining the XRDS > DR> file, given the return_to URL. > > DR> On Oct 14, 2006, at 23:50, Dick Hardt wrote: > >>> I assume you are referring to the return_to URL? >>> >>> Current libraries add all kinds of parameters to that URL, would >>> you be suggesting that the IdP does a GET on the return_to URL with >>> content-type of XRDS? >>> >>> If so, then we should add that to the spec. I'd then like to get >>> clear on what would need to be in the Yadis file for indicating the >>> login_url. >>> >>> -- Dick >>> >>> On 14-Oct-06, at 11:43 PM, Johannes Ernst wrote: >>> >>>> Given that the RP has at least one URL, we can perform regular >>>> Yadis discovery on it. (Likely, all of the RP's URLs point to the >>>> same Yadis document.) >>>> >>>> I don't think an extension to the protocol is needed. >>>> >>>> On Oct 14, 2006, at 22:39, Dick Hardt wrote: >>>> >>>>> Currently there is no method for the IdP to learn anything >>>>> about the >>>>> RP. As a path for extensibility, would anyone have a problem with >>>>> having an optional parameter in the AuthN Request for the >>>>> location of >>>>> the RP's Yadis document? >>>>> >>>>> -- Dick >>>>> _______________________________________________ >>>>> specs mailing list >>>>> specs@openid.net >>>>> http://openid.net/mailman/listinfo/specs >>>> >>>> Johannes Ernst >>>> NetMesh Inc. >>>> >>>> <lid.gif> >>>> http://netmesh.info/jernst >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> specs mailing list >>>> specs@openid.net >>>> http://openid.net/mailman/listinfo/specs > > DR> Johannes Ernst > DR> NetMesh Inc. > > > DR> _______________________________________________ > DR> specs mailing list > DR> specs@openid.net > DR> http://openid.net/mailman/listinfo/specs > > > > _______________________________________________ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs > > _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs