Question: Yadis Service URIs in the OpenID Auth case

Kevin Turner kevin at
Thu Aug 24 19:04:10 UTC 2006

On Wed, 2006-08-23 at 17:54 -0700, Johannes Ernst wrote:
> Am I correct that it would be false to assume that:
>   - the two service URIs reside on the same server;
>   - are maintained by the same organization;
>   - use the same negotiated D-H secret (aka I negotiate with one  
> service URI, but successfully use it with the other), even if they  
> are very similar URIs.

I think you are correct; none of those are 100% safe assumptions to
make.  Some of those might be sane conventions to establish, i.e. 
"everything under a single Service tag is maintained by one provider,"
but I don't think we can count on that.  And even if you could count on
that one, the other two wouldn't necessarily follow.

More information about the yadis mailing list