[Standards] Login with OpenID
rturner at amalfisystems.com
Mon Sep 3 19:21:51 UTC 2012
Yes, I understand that a GSS-API implementation isn't required, but the GS2 header usage in the non-GSS case starts introducing it a bit early, although I understand there is some genericity to the information included in this header…
My only concern with the draft (albeit a quick read) is that I saw a sentence that says:
"The client now sends the URL it received to a browser for processing. "
I would rather not have to rely on a browser, if possible. I think OpenID Connect supports a pure REST API model.
On Sep 3, 2012, at 10:06 AM, Alexey Melnikov <alexey.melnikov at isode.com> wrote:
> On 03/09/2012 17:58, Randy Turner wrote:
>> Looked at this draft, and it is based on traditional OpenID and GSS-API (an API I've never been a fan of :)
> You don't need to implement or use GSS-API in order to implement the RFC.
>> I'm wondering is something more API/REST-friendly like a solution based on OpenID Connect might be more attractive…
>> On Sep 3, 2012, at 3:24 AM, Peter Saint-Andre wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>> On 9/2/12 12:35 PM, Ivan Martinez wrote:
>>>> Hello all, I'm thiking of making it possible to log into my XMPP
>>>> server with OpenID accounts. Is there any existing standard about
>>>> this?. I have seen the discussion from June 2009:
>>>> Peter talked about working in a new draft, how did it turn out?.
>>> Some other folks worked on that, and it turned into RFC 6616:
>>> It was published only a few months ago, so probably it is not yet
>>> widely implemented in SASL libraries or in XMPP servers and clients.
>>> - -- Peter Saint-Andre
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Standards