assoc_type and assoc_handle
Brad Fitzpatrick
brad at danga.com
Wed Jun 8 17:57:01 PDT 2005
I noticed that checkid_* mode is defined like:
* GET OpenID server URL
* openid.mode = 'checkid_immediate'
* openid.identity = OpenID URL
* openid.return_to = return URL
* openid.assoc_handle = HMAC secret handle (optional, see "dumb mode")
But no assoc_type.
So if in the future somebody does associate and request UMAC or HMAC-Tiger
or whatever, and the server accepts, there's no way to actually use that
assoc_handle you got with the checkid_* modes.
So we need to either add assoc_type to checkid_* mode (easier?) or merge
assoc_type into the assoc_handle, as was proposed with the x.500/ldap/etc
format of "{HMAC-TIGER}gibberishfooo"
I'll assume the addition of assoc_type to checkid_* modes for now.
- Brad
More information about the yadis
mailing list