2007-10-27

HTML discovery in OpenId 2.0

The OpenId 2.0 specification is intended to be backwards compatible. However in the latest draft (12), the recommended markup for HTML discovery gives the 'rel' attribute in the 'link' element the values 'openid2.provider openid.server' and 'openid2.local_id openid.delegate'. In OpenId 1.x the values for 'rel' were simply 'openid.server' and 'openid.delegate'.

So to really be compatible with previous versions, the markup should be the same as in OpenId 1.x. I urge the authors of the specification to change it back. In my experience with OwnId if you stick to the specification on this, you break compatibility with previous versions.

Come to think of it, I don't see why a link to the server is needed at all. Can someone explain this to me?

1 comment:

  1. I've found the answer to these questions. The thing to do is have 4 link elements; two in the 1.x style, and two in the 2.0 style.

    Also, the OP Endpoint URL is necessary because the OP-Local Identifier isn't necessarily a URL, it could be a user name or email address.

    ReplyDelete