oops, forgot one relevant detail here, which is > What Josh was suggesting is that this work be done in an alternate > implementation of openid.consumer.consumer.Consumer, that makes uses of openid.consumer.consumer.GenericConsumer, which is where all the OpenID logic really lives, independent of any session mechanism.