Talk:Relying Party Best Practices

If multiple identifiers can map to the same account, how do you distinguish:

all these identifiers identify the same person
multiple people share an account?

Example: a group blog.

Johannes Ernst 12:18, 14 November 2006 (PST)

(Johannes: I'd assume that there would be multiple accounts in the group blog situation (multiple internal UIDs on an ACL). Though of course there's no way to enforce that, it might be a best practice to discourage sharing accounts.)

Regarding markup for OpenID identifiers ("Perhaps define a rel="..." keyword for OpenID identifiers, so that interested software can grovel for them?")

I think that the hCard microformat handles this nicely, using "uid":

<a class="url fn uid" href="http://john.example.com">John Bloggs</a>

(Per related discussions on microformats-discuss mailing list.)

Panzerjohn 16:22, 7 March 2007 (PST)

Check Immediate

I don't see any mention of check_immediate. I believe it's a best practice to cookie the user with his/her OpenID on a successful login, and then use an check_immediate check if they come back and aren't logged in.

I'm going to add this to the page... Feel free to roll it back if I'm insane. --Evan 21:03, 18 June 2008 (PDT)

Retrieved from "http://wiki.openid.net/Talk:Relying_Party_Best_Practices"

OpenID

Talk:Relying Party Best Practices

Check Immediate

Navigation

Search

Views

Personal tools

Toolbox