<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7638.1">
<TITLE>RE: OpenID 2.0 proposed security profiles</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>That is exactly what you can do with Yadis.<BR>
<BR>
+1 to using authn<BR>
<BR>
--David<BR>
<BR>
<BR>
-----Original Message-----<BR>
From: yadis-bounces@lists.danga.com on behalf of Martin Atkins<BR>
Sent: Thu 8/31/2006 9:57 AM<BR>
To: yadis@lists.danga.com<BR>
Subject: Re: OpenID 2.0 proposed security profiles<BR>
<BR>
I'm going to show how rusty I've got with Yadis now.<BR>
Is it acceptable (as far as XRI is concerned) to specify multiple types?<BR>
<BR>
<Service><BR>
<Type><A HREF="http://openid.net/authen/2.0/A">http://openid.net/authen/2.0/A</A></Type><BR>
<Type><A HREF="http://openid.net/authen/2.0/B">http://openid.net/authen/2.0/B</A></Type><BR>
<URI><A HREF="http://www.livejournal.com/openid/server.bml">http://www.livejournal.com/openid/server.bml</A></URI><BR>
</Service><BR>
<BR>
If this is acceptable, then I think it's okay to say that "everything is<BR>
a profile". The above declares that I support both profiles. Since I've<BR>
not carefully studied the contents of each profile I'm not sure if<BR>
that's even possible, but if we assume that there's going to be a<BR>
profile that essentially says "I support everything", with these two<BR>
being a subset of it, then we can easily require that all<BR>
implementations comply with at least one profile!<BR>
<BR>
<BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>