Yeah, I'm not a big fan of openid2.* though it was the simplest method of fixing up HTML discovery to work with multiple protocol versions. I know Josh thought about this more than I did though.
>From what I've seen people do, it is AJAX between your server and application, then OpenID's checkid_immediate between the server and OP, with an AJAX response from your server to application. --David -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rowan Kerr Sent: Tuesday, January 30, 2007 2:02 PM To: specs@openid.net Subject: Re: DRAFT 11 -> FINAL? The openid2.* links bug me a little.. but due to no openid.ns being defined in the 1.x protocol, maybe there is no other way to specify by HTML discovery that your OP is 2.0 capable. Would it be bad to have a openid.version link instead? Also, the spec mentions AJAX interactions, but I don't see how you can actually use AJAX with OpenID, since none of the responses are in XML format .. it relies entirely on GET or POST redirection, not to mention that you have to make cross-domain requests which XmlHttpRequest will not do without extra security privileges. (Or am I missing something?) -Rowan _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs