Non-recoverable auth failure?

Martin Atkins mart at degeneration.co.uk
Tue Jun 28 19:48:53 PDT 2005


Brad Fitzpatrick wrote:
> 
> Okay, okay, now we're talking.
> 
> That proposal I think I actually like.  (I also hate the weird
> post_grant special cases, btw.)
> 
> Let me do some browser tests on some JavaScript stuff right now and get
> back to you.
> 
> In particular, I want to test an automatic AJAX mode:
> 
>   -- original window opens a full-sized new window, remembering
>      the new window's reference
> 
>   -- new window does identity trust, returns, finds window.opener (if it
>      still exists after moving between domains?), and then completes
>      transaction by talking to window.opener
> 
> If so (and I think it'll be fine) then I'm all in favor of dropping
> post_grant and making the spec say it always returns.
> 
> Anybody else for/against that?
> 
> - Brad
> 

Even if you can't do all that fancy stuff, there's no reason why you
can't do window.close(), right? So losing the special case doesn't cost
anything.

I'm for. Anything to reduce the number of little wacky things that ID
servers have to handle.


