On 11/9/06, David Fuelling <[EMAIL PROTECTED]> wrote: > So, '[EMAIL PROTECTED]' would be treated as if the User had entered > 'http://any.edu' (the URL of their IdP/OP) into the OpenId login form.
I don't like the idea of telling people to enter their username, and then throwing it away. As mentioned below, [EMAIL PROTECTED] can map to a valid http url. This really, I suppose, is a matter of choice on the part of an IdP as to what sorts of instructions they give to their users about identifying themselves to RPs. Verisign's PIP does userx.pip.verisign.com Somone might do example.com/user/x Someone else might do [EMAIL PROTECTED] Discovery would be performed identically on all the above ... and we're left with a problem of user education. -Rowan _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs