Securing HTML vs securing HTTP

Josh Hoyt josh at
Tue Jan 24 19:04:34 UTC 2006


On 1/24/06, Johannes Ernst < at> wrote:
> On Jan 24, 2006, at 10:24, Josh Hoyt wrote:
> > Also, the YADIS layer that is growing beneath OpenID and LID uses the
> > same model as OpenID,
> Ahem, no?
> It *can* use the same model to support those people whose hosting
> provider does not cooperate, but I tend to think that the "right" way
> of implementing it is using the X-YADIS-Location HTTP header, which I
> think is more along the lines that Jens was thinking of.

The model that I was referring to is using a level of indirection for
identity services rather than directly entering the URL for those
services (as LID does). YADIS provides the level of indirection that
OpenID has and LID does not.


More information about the yadis mailing list