Non-recoverable auth failure?
Brad Fitzpatrick
brad at danga.com
Thu Jun 23 16:30:05 PDT 2005
On Thu, 23 Jun 2005, Carl Howells wrote:
> Martin Atkins wrote:
...
> > cancelled". It just requires the ID server to redirect to the return URL
> > with mode=cancel.
> >
> [snip]
> >
> > Sound reasonable?
>
> Hmm. Yes, it would have been more clear if I'd thought to phrase it
> that way initially. That proposal would definately work for me. How
> about for our benevolent protocol and security dictators?
So servers can redirect the UA to return_url w/ "openid.mode=cancel"?
Works for me. Paul?
> And any thoughts (from anyone) on on my proposed change to the use of
> the user_setup_url after using checkid_immediate?
I'll admit I didn't quite follow. What can't you do with the existing
modes?
- Brad
More information about the yadis
mailing list