Identifier_select response

Wed Feb 6 18:00:44 PST 2008

Kevin Turner wrote:
> openid.identity is always the OP-local identifier.  It's the
> "openid.delegate" value in OpenID 1.x speak, "openid2.local_id" or
> <LocalID> in OpenID 2 terms.  
OK, in this case it starts to make sense to me (after I figured what's 
going on ;-) ).
> This identifier only has meaning when
> talking to one particular OP endpoint; it's not discoverable.  For
> example, it should be technically permissible for me to publish an
> identifier at http://kevin.janrain.com/ with the following service
> definition:
>
> <Type>http://specs.openid.net/auth/2.0/signon</Type>
> <URI>http://example.com/endpoint/</URI>
> <LocalID>urn:uuid:ed8aa824-9441-4eb3-bb9f-e3f02c529349</LocalID>
>
> as long as example.com/endpoint knows that is my account.  My identifier
> is the claimed identifier that leads to that information, not the
> LocalID.
>   
Got it. Thanks for explaining this to me! I misunderstood the meaning of 
the two params completely.
>
> See OpenID 2.0 spec section 11.5, Identifying the End User:
>
>         The Claimed Identifier in a successful authentication response
>         SHOULD be used by the Relying Party as a key for local storage
>         of information about the user.  The Claimed Identifier MAY be
>         used as a user-visible Identifier.  When displaying URL
>         Identifiers, the fragment MAY be omitted.
>
>   
And that's the prove....I think I have read this before, but you know 
how it is...once you are locked into some concept you understand what 
one wants to understand. At least this happens to me from time to time ;-)

-- 
Regards 

Signer:  	Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:  	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog:  	Join the Revolution! <http://blog.startcom.org>
Phone:  	+1.213.341.0390

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openidenabled.com/pipermail/dev/attachments/20080207/2da6dfd5/attachment-0001.htm 