Josh Hoyt wrote: > > It's confusing to me make the failure response to an immediate mode > request be "id_res", especially if that is not the failure response > for setup mode. I can't see a reason that they can't both use the > "cancel" response to indicate that the OP or end user do not wish to > complete the transaction. > > This is a very minor change, but it will make the spec simpler. >
I think the RP will want to do something different in these two cases. In the "cancel" case (which indicates that the user cancelled the request in some way) the RP will probably return to the login form to invite the user to try again. In the checkid_immediate case, what needs to happen is that the RP must start a checkid_setup request instead, since a negative response in the checkid_immediate case generally means "I can't answer this until I've presented some UI to the user". I suppose it could be argued that the RP should know what it's doing and be able to distinguish between these cases using its own state, but given that the meaning of these responses is different I don't think it's a problem that the messages are different. It'd might be nice if the checkid_setup error response were called something other than "id_res", though. _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
