> As of today browsers are forced to make untenable assumptions to > detect OPs or RPs. Read > http://openid.net/specs/openid-authentication-2_0-11.html#initiation: > "The form field's "name" attribute SHOULD have the value > "openid_identifier" is the only point for a browser to grip the > protocol. (And the field name is different from OpenID1.x)
Indeed. Here's a suggestion that floated during that talk. The form field: a. SHOULD have "openid_identifier" as its "name" attribute's value, b. MUST have "openid" as a substring its "name" attribute's value and c. SHOULD be the only field in the entire document to satisfy (b). Regards, Dmitry =damnian _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs