ditching multiple openid.server declarations
mart at degeneration.co.uk
Fri Jun 10 05:45:47 PDT 2005
Brad Fitzpatrick wrote:
> Previously we'd discussed declaring multiple openid.server <link> tags.
> It was originally proposed from a high-availability perspective, until
> it was pointed out that consumers can't detect failure when it's the user
> agent that's timing out/failing, and you can't grab them back.
> But I still kept it in because I was thinking about credential passing to
> sites like flickr for posting to my blog without my password (a layer on
> top of OpenID, not part of this spec), and I thought it'd be convenient to
> have flickr able to pick the openid server for where it'd want to post to.
> But that's a weak argument, since the user should declare anyway what blog
> to post it to.
> Plus it really conflicts w/ openid.delegate... how do you line up multiple
> multiple openid.server declarations to their respective openid.delegate
> declarations without packing them together? Ugly.
> So --- I'm yanking out support for multiple openid.server declarations
> from Net::OpenID::Consumer. It wasn't well documented or discussed
On reflection, I agree. It makes so many things more complicated,
ambiguous or confusing. The only argument for it was that consumers
could pick an ID server that they trust, so if a particular site bands
my own ID server I can still use LiveJournal's, or vice-versa.
It's a shame to lose that, but I don't think it ever would have worked
out in practice anyway.
More information about the yadis