Securing HTML vs securing HTTP
Josh Hoyt
josh at janrain.com
Tue Jan 24 19:04:34 UTC 2006
Johannes,
On 1/24/06, Johannes Ernst <jernst+lists.danga.com at netmesh.us> wrote:
>
> On Jan 24, 2006, at 10:24, Josh Hoyt wrote:
>
> > Also, the YADIS layer that is growing beneath OpenID and LID uses the
> > same model as OpenID,
>
> Ahem, no?
>
> It *can* use the same model to support those people whose hosting
> provider does not cooperate, but I tend to think that the "right" way
> of implementing it is using the X-YADIS-Location HTTP header, which I
> think is more along the lines that Jens was thinking of.
The model that I was referring to is using a level of indirection for
identity services rather than directly entering the URL for those
services (as LID does). YADIS provides the level of indirection that
OpenID has and LID does not.
Josh
More information about the yadis
mailing list