Version Handling [ was OpenID status update ]

Brad Fitzpatrick brad at
Mon Jun 6 10:30:54 PDT 2005

On Mon, 6 Jun 2005, Paul Crowley wrote:

> Ben Hyde wrote:
> >   1) sadly fail if you get openid.* parameters you don't comprehend.  [
> > my prefence]
> >   2) happily ignore openid.* parameters you don't comprehend.
> You are very right that this must be made explicit.  I favour 1, though.

I don't like the idea of failing on unknown parameters... that makes it
hard to gently upgrade in the future.

> Actually there's a case to be made that servers should do 2 and
> consumers should do 1.  The party making the request can do nothing
> about the capabilities of the recipient, so has to beef up their request
> with everything that any receipient might want; the party making the
> reply knows enough to know what the client can accept, and so should
> only include a field if the client MUST accept it.

That sounds about right.

> That's probably too complex though.

Then let's favor 2 both ways.

- Brad

More information about the yadis mailing list