Please see the RFC. SHOULD is used if there is a valid reason for it not being a MUST.
If the RP does not have the tag, the a rich client will not work. Authentication cannot proceed. That is broken as far as the user is concerned. What if doing HTML disco was a SHOULD instead of a MUST? Then that RP would not work with certain identifiers. -- Dick On 18-Oct-06, at 8:58 PM, Recordon, David wrote: > In my view, it is because the authentication protocol can proceed with > no problems if this field is named something different. As things > won't > break, as far as the protocol is concerned, this would also be nearly > impossible to enforce or justify. It is easy to tell a developer > to fix > how they're creating signatures, authentication transactions do not > complete, but enforcing convention around form fields seems > difficult at > best. I'd imagine that if a RP does not follow this recommendation > then > a rich client should treat it as not being a relying party. > > --David > > -----Original Message----- > From: Dick Hardt [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 18, 2006 11:35 PM > To: Recordon, David > Cc: Jonathan Daugherty; specs@openid.net > Subject: Re: PROPOSAL: OpenID Form Clarification (A.4) > > Why SHOULD rather then MUST? [1] > > What valid reason is there for an RP to not have that field name? > > [1] http://www.ietf.org/rfc/rfc2119.txt > > -- Dick > > On 18-Oct-06, at 1:28 PM, Recordon, David wrote: > >> Agreed, just like the spec already says "The form field's "name" >> attribute SHOULD have the value "openid_identifier" as to allow User >> Agents to automatically prefill the End User's Identifier when >> visiting a Relying Party." >> >> I'm all for this feature, as well as even identifying the form >> itself, > >> though don't see how it should be a MUST over a SHOULD for a Relying >> Party. >> >> --David >> >> -----Original Message----- >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >> Behalf Of Jonathan Daugherty >> Sent: Wednesday, October 18, 2006 2:33 PM >> To: Dick Hardt >> Cc: specs@openid.net >> Subject: Re: PROPOSAL: OpenID Form Clarification (A.4) >> >> # Proposal >> # >> # Modify 8.1 to: >> # ... >> # >> # The form field's "name" attribute MUST have the value # >> "openid_identifier" as to allow User Agents to automatically >> prefill # > >> the End User's Identifier when visiting a Relying Party. >> >> This should be a SHOULD, not a MUST. >> >> -- >> Jonathan Daugherty >> JanRain, Inc. >> _______________________________________________ >> specs mailing list >> specs@openid.net >> http://openid.net/mailman/listinfo/specs >> >> > > > _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs