On Sunday 26 April 2009 07:21:20 Kevin Kofler wrote: > Bill Crawford wrote: > > Google is taking advantage of a feature in OpenID 2.0 known as "Directed > > Identity". This allows an OpenID 2.0 Relying Party to start the OpenID > > protocol flow using a known URL (Yahoo!'s is http://openid.yahoo.com/) to > > allow for "one click" style login dialogues. By performing discovery on > > this URL, using the XRDS XML format, the OpenID Provider advertises the > > OpenID Endpoint URL for the Relying Party to make a request against. > > Google is doing this correctly with the URL to perform discovery against > > being https://www.google.com/accounts/o8/id. > > And how are the sites supposed to know this URL? By hardcoding a list of > such URLs? (Yuck! That pretty much defeats the point of OpenID and brings > us back to a hardcoded list of ID providers.) Or by asking the user to > paste it? (Even worse, now the user has to paste an obscure URL *and* enter > their e-mail address rather than just pasting an obscure URL, what problem > does that solve?) > > Kevin Kofler Again, please take it up with Google or the OpenID people :o) -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
