Fwd: Length of Identity URL

Ben Hyde bhyde at pobox.com
Tue May 24 10:24:28 PDT 2005

On May 24, 2005, at 1:00 PM, Martin Atkins wrote:

> I'm currently working on a simple OpenID consumer app as a test, and 
> have as a result created a database table to retain known users and 
> their profile information.
> I'm allocating a 50-character VARCHAR field for storing the Identity 
> URL, but it occurs to me that a URL can theoretically be of any 
> length.
> I think then that the spec should give a recommended maximum URL 
> length after which consumers are allowed to reject the URL. Users who 
> try to assert longer URLs must then be prepared for it to fail in some 
> cases.
> I just picked 50 arbitrarily. I welcome discussion on what a good 
> value would be. Currently we've only LiveJournal's URLs to work with 
> as an example, and these have a maximum length of 39 characters. The 
> modestly-named GreatestJournal could theoretically push that up to 43 
> if it upgrades to support OpenID. (I'm assuming storing the URL in 
> canonical form with a 15-character username)
> _______________________________________________
> yadis mailing list
> yadis at lists.danga.com
> http://lists.danga.com/mailman/listinfo/yadis

Actually this is a standard subplot in these redirection ping pong 
protocols.  Someplace in the spec you want to say that all URLs used in 
the spec are 256 characters or less  .  I seem to recall that there is 
a widely deployed Japanese phone that can't support that, but the 256 # 
is what the Liberty settled on after much talk and research (see: 
http://xrl.us/f7o3 and variations).  Then you can start budgeting and 
allocating that 256 to various arguments passed in the URLs.  Soon 
after that you start thinking that parameter names like 
openid.is_identity should be more mnemonic.

No matter what don't go over 2K because that's the IE limit. :-)

http://enthusiasm.cozy.org   http://gibbon.cozy.org   
  I forecast sunny weather!

More information about the yadis mailing list