From cl-openid-devel at common-lisp.net Sat Aug 9 00:36:46 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Sat, 09 Aug 2008 00:36:46 -0000
Subject: [cl-openid-ticket] Re: #6: asdf-binary-locations
In-Reply-To: <084.995090ff768991eaa84312af1f331945@common-lisp.net>
References: <084.995090ff768991eaa84312af1f331945@common-lisp.net>
Message-ID: <093.a0e4146416198743ff972e62e84ee6bc@common-lisp.net>

#6: asdf-binary-locations
-----------------------------+----------------------------------------------
  Reporter:  mpasternacki    |      Owner:  mpasternacki
      Type:  task            |     Status:  closed
  Priority:  major           |  Milestone:
 Component:  infrastructure  |    Version:  0.5 nonportable
Resolution:  wontfix         |   Keywords:
-----------------------------+----------------------------------------------
Changes (by mpasternacki):

  * resolution:  => wontfix
  * status:  assigned => closed

Comment:

 WONTFIX.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Tue Aug 12 20:50:58 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Tue, 12 Aug 2008 20:50:58 -0000
Subject: [cl-openid-ticket] Re: #11: error while loging with SmugMug OpenID identifier
In-Reply-To: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
References: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
Message-ID: <093.4172826ad0a0203362864c96e9d3d1da@common-lisp.net>

#11: error while loging with SmugMug OpenID identifier
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  assigned
  Priority:  major       |  Milestone:  HTTP client portability
 Component:  code        |    Version:  0.5 nonportable
Resolution:              |   Keywords:
-------------------------+--------------------------------------------------
Changes (by mpasternacki):

  * status:  new => assigned

Comment:

 Seems to be bug in SmugMug code.
 Started a thread on SmugMug's support forum:
 http://www.dgrin.com/showthread.php?p=896451

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Tue Aug 12 21:27:16 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Tue, 12 Aug 2008 21:27:16 -0000
Subject: [cl-openid-ticket] Re: #9: Verifying the Return URL error
In-Reply-To: <084.39528bbe3c48bb8dbb47c9e8e1fbe16c@common-lisp.net>
References: <084.39528bbe3c48bb8dbb47c9e8e1fbe16c@common-lisp.net>
Message-ID: <093.f1d1068600194e75feb688a87fa89c98@common-lisp.net>

#9: Verifying the Return URL error
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  closed
  Priority:  major       |  Milestone:  HTTP client portability
 Component:  code        |    Version:  0.5 nonportable
Resolution:  fixed       |   Keywords:
-------------------------+--------------------------------------------------
Changes (by mpasternacki):

  * resolution:  => fixed
  * status:  new => closed

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Tue Aug 12 23:01:21 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Tue, 12 Aug 2008 23:01:21 -0000
Subject: [cl-openid-ticket] Re: #11: error while loging with SmugMug OpenID identifier
In-Reply-To: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
References: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
Message-ID: <093.d0e0a029ce874b55f1bf8178be3e8771@common-lisp.net>

#11: error while loging with SmugMug OpenID identifier
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  assigned
  Priority:  major       |  Milestone:  HTTP client portability
 Component:  code        |    Version:  0.5 nonportable
Resolution:              |   Keywords:
-------------------------+--------------------------------------------------
Comment (by avodonosov):

 If it is a SmugMug's bug, livejournal should not work with it too, but it
 works.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Tue Aug 12 23:17:59 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Tue, 12 Aug 2008 23:17:59 -0000
Subject: [cl-openid-ticket] Re: #9: Verifying the Return URL error
In-Reply-To: <084.39528bbe3c48bb8dbb47c9e8e1fbe16c@common-lisp.net>
References: <084.39528bbe3c48bb8dbb47c9e8e1fbe16c@common-lisp.net>
Message-ID: <093.8854172e6b55f474bd7bd2b740ae51ec@common-lisp.net>

#9: Verifying the Return URL error
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  reopened
  Priority:  major       |  Milestone:  HTTP client portability
 Component:  code        |    Version:  0.5 nonportable
Resolution:              |   Keywords:
-------------------------+--------------------------------------------------
Changes (by avodonosov):

  * resolution:  fixed =>
  * status:  closed => reopened

Comment:

 Fixed only partially: parameters are verified as required in the spec. But
 wrong uri is used. Instead of comparing return-to in the message with the
 requested return-to, we must compare return-to in the message with the
 *uri of the current HTTP request*.

 Implementation hint: I would prefer it as a parameter to
 handle-indirect-response.
--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Wed Aug 13 07:31:44 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Wed, 13 Aug 2008 07:31:44 -0000
Subject: [cl-openid-ticket] Re: #11: error while loging with SmugMug OpenID identifier
In-Reply-To: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
References: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
Message-ID: <093.afae80e4f69e4fbf05e49798f0685a0f@common-lisp.net>

#11: error while loging with SmugMug OpenID identifier
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  assigned
  Priority:  major       |  Milestone:  HTTP client portability
 Component:  code        |    Version:  0.5 nonportable
Resolution:              |   Keywords:
-------------------------+--------------------------------------------------
Comment (by mpasternacki):

 On SmugMug support forum I saw users reporting that only a few RPs work
 with their ID (of which only livejournal has been mentioned explicitly),
 and many RPs fail.

 Python-openid, which I use as a reference implementation, fails in "smart"
 mode (with associations), but everything works in stateless mode
 (signature verification by direct request to OP). It is possible that
 services that work just use stateless mode, and it might be a good
 workaround to just ignore failed association attempts and go on with
 stateless mode.

 What SmugMug passes as mac_key is evidently not a Base64-encoded array
 that is required by spec (it's 19 characters long and not padded with =
 signs), looks like a hex number, but however I try to interpret it, I
 can't get signatures working. I'll see if anybody on their support forum
 replies to my report.
--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 11:31:51 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 11:31:51 -0000
Subject: [cl-openid-ticket] Re: #9: Verifying the Return URL error
In-Reply-To: <084.39528bbe3c48bb8dbb47c9e8e1fbe16c@common-lisp.net>
References: <084.39528bbe3c48bb8dbb47c9e8e1fbe16c@common-lisp.net>
Message-ID: <093.86ef6f90396f83f03b619fbbab07af0d@common-lisp.net>

#9: Verifying the Return URL error
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  closed
  Priority:  major       |  Milestone:  HTTP client portability
 Component:  code        |    Version:  0.5 nonportable
Resolution:  fixed       |   Keywords:
-------------------------+--------------------------------------------------
Changes (by mpasternacki):

  * resolution:  => fixed
  * status:  reopened => closed

Comment:

 Actually fixed this time. HANDLE-INDIRECT-RESPONSE accepts one more
 parameter, REQUEST-URI, which is used for return_to verification.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 11:36:25 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 11:36:25 -0000
Subject: [cl-openid-ticket] #13: Relying Party discovery
Message-ID: <084.ccf0721a80ee21e7d67ba2fb08268c9b@common-lisp.net>

#13: Relying Party discovery
--------------------------+-------------------------------------------------
 Reporter:  mpasternacki  |      Owner:
     Type:  defect        |     Status:  new
 Priority:  major         |  Milestone:
Component:  code          |    Version:  0.5 nonportable
 Keywords:                |
--------------------------+-------------------------------------------------
 [http://openid.net/specs/openid-authentication-2_0.html#rp_discovery 13.
 Discovering OpenID Relying Parties]

 Relying Party discovery allows for software agents to discover sites that
 support OpenID.
 It also allows OpenID providers to automatically verify that a
 return_to URL in an OpenID request is an OpenID relying party endpoint for
 the specified realm.

 Relying Parties SHOULD use the Yadis protocol to publish their valid
 return_to URLs. The relying party MAY publish this information at any URL,
 and SHOULD publish it under the realm so that providers can verify
 return_to URLs.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 11:38:08 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 11:38:08 -0000
Subject: [cl-openid-ticket] Re: #13: Relying Party discovery
In-Reply-To: <084.ccf0721a80ee21e7d67ba2fb08268c9b@common-lisp.net>
References: <084.ccf0721a80ee21e7d67ba2fb08268c9b@common-lisp.net>
Message-ID: <093.d7054064e5ba3dea634ad80c0187e530@common-lisp.net>

#13: Relying Party discovery
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:
      Type:  task          |     Status:  new
  Priority:  major         |  Milestone:
 Component:  code          |    Version:  0.5 nonportable
Resolution:                |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * type:  defect => task

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 11:43:02 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 11:43:02 -0000
Subject: [cl-openid-ticket] Re: #12: openid.return_to verification based on realm, relying party discovery
In-Reply-To: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
References: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
Message-ID: <093.13efdc6d4732972130d2caa2b819cca7@common-lisp.net>

#12: openid.return_to verification based on realm, relying party discovery
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:  mpasternacki
      Type:  task          |     Status:  assigned
  Priority:  major         |  Milestone:  HTTP client portability
 Component:  code          |    Version:  0.5 nonportable
Resolution:                |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * status:  new => assigned

Old description:

> [http://openid.net/specs/openid-authentication-2_0.html#realms 9.2.1.
> Using the Realm for Return URL Verification]
> [http://openid.net/specs/openid-authentication-2_0.html#rp_discovery 13.
> Discovering OpenID Relying Parties]
>
> Still unimplemented in OP.

New description:

 [http://openid.net/specs/openid-authentication-2_0.html#realms 9.2.
 Realms]

 When present, the "openid.return_to" URL MUST match the "openid.realm", or
 the OP MUST return an indirect error response (Indirect Error Responses).

Comment:

 RP discovery opened as a new bug, leave only return_to matching against
 the realm here.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 11:53:08 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 11:53:08 -0000
Subject: [cl-openid-ticket] Re: #12: verify openid.return_to verification against realm
In-Reply-To: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
References: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
Message-ID: <093.0776a3048e70127e7b2fa9fe3fd29627@common-lisp.net>

#12: verify openid.return_to verification against realm
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:  mpasternacki
      Type:  task          |     Status:  assigned
  Priority:  major         |  Milestone:  HTTP client portability
 Component:  code          |    Version:  0.5 nonportable
Resolution:                |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * summary:  openid.return_to verification based on realm, relying party
              discovery => verify openid.return_to verification against
              realm

Comment:

 summary update

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 12:00:14 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 12:00:14 -0000
Subject: [cl-openid-ticket] #14: secure random number generation
Message-ID: <084.d3ff6ebdc548ebd32c7b463dc3da4b83@common-lisp.net>

#14: secure random number generation
--------------------------+-------------------------------------------------
 Reporter:  mpasternacki  |      Owner:
     Type:  defect        |     Status:  new
 Priority:  major         |  Milestone:
Component:  code          |    Version:  1.1 extended
 Keywords:                |
--------------------------+-------------------------------------------------
 Currently, random values are generated using CL:RANDOM function. This is
 far from cryptographically secure. Spec refers to
 [http://rfc.net/rfc1750.html RFC 1750 Randomness Recommendations for
 Security]; these recommendations should be implemented, as a separate
 library, and this library should be used for generating random numbers.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 12:00:32 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 12:00:32 -0000
Subject: [cl-openid-ticket] Re: #13: Relying Party discovery
In-Reply-To: <084.ccf0721a80ee21e7d67ba2fb08268c9b@common-lisp.net>
References: <084.ccf0721a80ee21e7d67ba2fb08268c9b@common-lisp.net>
Message-ID: <093.044f55257cf0f20679cd239daa8a38bd@common-lisp.net>

#13: Relying Party discovery
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:
      Type:  task          |     Status:  new
  Priority:  major         |  Milestone:
 Component:  code          |    Version:  1.1 extended
Resolution:                |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * version:  0.5 nonportable => 1.1 extended

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 12:01:07 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 12:01:07 -0000
Subject: [cl-openid-ticket] Re: #11: error while loging with SmugMug OpenID identifier
In-Reply-To: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
References: <084.51e1264eabb57bbebd5d173cb27fd9b8@common-lisp.net>
Message-ID: <093.277ce22290186b107e08e5a40ea3cabc@common-lisp.net>

#11: error while loging with SmugMug OpenID identifier
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  assigned
  Priority:  major       |  Milestone:
 Component:  code        |    Version:
Resolution:              |   Keywords:
-------------------------+--------------------------------------------------
Changes (by mpasternacki):

  * milestone:  HTTP client portability =>
  * version:  0.5 nonportable =>

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 12:02:05 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 12:02:05 -0000
Subject: [cl-openid-ticket] Re: #10: possible DOS attack
In-Reply-To: <084.bfbb01873fe6fd804eb726a24da7e445@common-lisp.net>
References: <084.bfbb01873fe6fd804eb726a24da7e445@common-lisp.net>
Message-ID: <093.2b9dbbdd3e63e8e64f6d834a3f9df6d8@common-lisp.net>

#10: possible DOS attack
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:  mpasternacki
      Type:  defect      |     Status:  new
  Priority:  major       |  Milestone:
 Component:  code        |    Version:
Resolution:              |   Keywords:
-------------------------+--------------------------------------------------
Changes (by mpasternacki):

  * milestone:  HTTP client portability =>
  * version:  0.5 nonportable =>

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 12:02:25 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 12:02:25 -0000
Subject: [cl-openid-ticket] Re: #12: verify openid.return_to verification against realm
In-Reply-To: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
References: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
Message-ID: <093.976c58849b65d0bb1b70d66c41dd0a4e@common-lisp.net>

#12: verify openid.return_to verification against realm
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:  mpasternacki
      Type:  task          |     Status:  assigned
  Priority:  major         |  Milestone:
 Component:  code          |    Version:  1.0 portable
Resolution:                |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * milestone:  HTTP client portability =>
  * version:  0.5 nonportable => 1.0 portable

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 12:02:45 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 12:02:45 -0000
Subject: [cl-openid-ticket] Re: #8: Fall back to discovery's worse choices when best choice fails
In-Reply-To: <084.ffa8dafee72a25030dd6ce2def87ac59@common-lisp.net>
References: <084.ffa8dafee72a25030dd6ce2def87ac59@common-lisp.net>
Message-ID: <093.26a830c12eb12b4ab9a27f4abc1647a2@common-lisp.net>

#8: Fall back to discovery's worse choices when best choice fails
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:
      Type:  enhancement   |     Status:  new
  Priority:  minor         |  Milestone:  Optional features
 Component:  code          |    Version:  1.1 extended
Resolution:                |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * version:  => 1.1 extended

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Fri Aug 15 13:48:09 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Fri, 15 Aug 2008 13:48:09 -0000
Subject: [cl-openid-ticket] Re: #12: verify openid.return_to verification against realm
In-Reply-To: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
References: <084.2079a3de1a76d488f2f12ba32e44263b@common-lisp.net>
Message-ID: <093.583f408dac50ad1e2e7be3b9108e119e@common-lisp.net>

#12: verify openid.return_to verification against realm
---------------------------+------------------------------------------------
  Reporter:  mpasternacki  |      Owner:  mpasternacki
      Type:  task          |     Status:  closed
  Priority:  major         |  Milestone:
 Component:  code          |    Version:  1.0 portable
Resolution:  fixed         |   Keywords:
---------------------------+------------------------------------------------
Changes (by mpasternacki):

  * resolution:  => fixed
  * status:  assigned => closed

Comment:

 Fixed.

--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Mon Aug 25 23:04:23 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Mon, 25 Aug 2008 23:04:23 -0000
Subject: [cl-openid-ticket] #15: 1.1 compatibility: do not send "openid.op_endpoint" in authentication responses
Message-ID: <084.6096a1fa42212fdbc7823937f0502779@common-lisp.net>

#15: 1.1 compatibility: do not send "openid.op_endpoint" in authentication responses
------------------------+---------------------------------------------------
 Reporter:  avodonosov  |      Owner:
     Type:  defect      |     Status:  new
 Priority:  minor       |  Milestone:
Component:  code        |    Version:  0.5 nonportable
 Keywords:              |
------------------------+---------------------------------------------------
 Section 14.2.2. "OpenID Providers", the last item:

 OPs MUST NOT send the "openid.op_endpoint" parameter in authentication
 responses (Positive Assertions), since it is not part of the OpenID
 Authentication 1.1 protocol.

 (means when request was of 1.1. version).

 But it seems we do not break any existing provider with this bug.
--
Ticket URL: cl-openid cl-openid

From cl-openid-devel at common-lisp.net Thu Aug 28 20:32:47 2008
From: cl-openid-devel at common-lisp.net (cl-openid)
Date: Thu, 28 Aug 2008 20:32:47 -0000
Subject: [cl-openid-ticket] Re: #15: 1.1 compatibility: do not send "openid.op_endpoint" in authentication responses
In-Reply-To: <084.6096a1fa42212fdbc7823937f0502779@common-lisp.net>
References: <084.6096a1fa42212fdbc7823937f0502779@common-lisp.net>
Message-ID: <093.0b4a6f396aead5e7ec589fe870f1c137@common-lisp.net>

#15: 1.1 compatibility: do not send "openid.op_endpoint" in authentication responses
-------------------------+--------------------------------------------------
  Reporter:  avodonosov  |      Owner:
      Type:  defect      |     Status:  closed
  Priority:  minor       |  Milestone:
 Component:  code        |    Version:  0.5 nonportable
Resolution:  fixed       |   Keywords:
-------------------------+--------------------------------------------------
Changes (by mpasternacki):

  * resolution:  => fixed
  * status:  new => closed

Comment:

 Fixed.

--
Ticket URL: cl-openid cl-openid
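
Added example (not part of the archived messages and not cl-openid's code): the two return_to checks discussed in tickets #9 and #12, sketched in Python, the language of the python-openid reference implementation mentioned in ticket #11. The function names are hypothetical; the rules follow OpenID Authentication 2.0 sections 11.1 and 9.2, with two assumptions of this sketch: any URL carrying a fragment is rejected, and a wildcard realm also matches its bare domain.

```python
from typing import NamedTuple, Optional
from urllib.parse import parse_qsl, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


class Parts(NamedTuple):
    scheme: str
    host: str
    port: int
    path: str
    query: list


def split_url(url: str) -> Optional[Parts]:
    """Normalise a URL for comparison; None means 'unusable, reject'."""
    u = urlsplit(url)
    scheme = u.scheme.lower()
    if scheme not in DEFAULT_PORTS or not u.hostname or u.fragment:
        return None
    try:
        port = u.port or DEFAULT_PORTS[scheme]
    except ValueError:  # non-numeric or out-of-range port
        return None
    # u.hostname is already lower-cased; an empty path is treated as "/".
    return Parts(scheme, u.hostname, port, u.path or "/",
                 parse_qsl(u.query, keep_blank_values=True))


def return_to_matches_request(return_to: str, request_uri: str) -> bool:
    """Ticket #9: check return_to against the URI of the current HTTP request."""
    rt, req = split_url(return_to), split_url(request_uri)
    if rt is None or req is None:
        return False
    # Scheme, host, port and path must be identical ...
    if rt[:4] != req[:4]:
        return False
    # ... and every return_to query parameter must reappear with the same value.
    return all(pair in req.query for pair in rt.query)


def return_to_matches_realm(return_to: str, realm: str) -> bool:
    """Ticket #12: OP-side check that return_to falls inside openid.realm."""
    rt, rl = split_url(return_to), split_url(realm)
    if rt is None or rl is None:
        return False
    if (rt.scheme, rt.port) != (rl.scheme, rl.port):
        return False
    if rl.host.startswith("*."):
        base = rl.host[2:]
        # Suffix match on a label boundary, so "badexample.com" does not pass.
        if rt.host != base and not rt.host.endswith("." + base):
            return False
    elif rt.host != rl.host:
        return False
    # The path must equal the realm path or sit in a sub-directory of it.
    prefix = rl.path if rl.path.endswith("/") else rl.path + "/"
    return rt.path == rl.path or rt.path.startswith(prefix)
```

The request_uri argument has to be the absolute URI of the request as the relying party received it, which is why ticket #9 passes it into the handler explicitly instead of reusing the stored return_to.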
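
Added example (not part of the archived messages and not cl-openid's code): a strict mac_key check with the fallback to stateless mode that the ticket #11 comment proposes as a workaround. The function names and both sample responses are constructed for illustration, and the sketch assumes a "no-encryption" association session, where mac_key is sent directly in the response.

```python
import base64
import binascii

# Raw MAC key size, in bytes, for each OpenID 2.0 association type.
MAC_KEY_BYTES = {"HMAC-SHA1": 20, "HMAC-SHA256": 32}


def parse_key_value_form(body: str) -> dict:
    """Parse a direct response: one "key:value" pair per line."""
    fields = {}
    for line in body.split("\n"):
        if not line:
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError("line without ':' in key-value form")
        fields[key] = value
    return fields


def decode_mac_key(fields: dict):
    """Return the raw MAC key, or None when the association must not be used."""
    expected = MAC_KEY_BYTES.get(fields.get("assoc_type", ""))
    encoded = fields.get("mac_key")
    if expected is None or encoded is None:
        return None
    try:
        # validate=True rejects characters outside the Base64 alphabet;
        # missing "=" padding raises as well.
        key = base64.b64decode(encoded, validate=True)
    except (binascii.Error, ValueError):
        return None
    # A key of the wrong size cannot belong to the announced assoc_type.
    return key if len(key) == expected else None


def choose_verification(assoc_response: str):
    """Pick ("association", key), or ("stateless", None) to verify via the OP."""
    try:
        key = decode_mac_key(parse_key_value_form(assoc_response))
    except ValueError:
        key = None
    return ("association", key) if key is not None else ("stateless", None)


# Constructed association responses, not captured from any provider.
_HEADER = ("ns:http://specs.openid.net/auth/2.0\n"
           "assoc_handle:constructed-handle\n"
           "session_type:no-encryption\n"
           "assoc_type:HMAC-SHA1\n"
           "expires_in:3600\n")
GOOD_RESPONSE = _HEADER + "mac_key:" + base64.b64encode(bytes(range(20))).decode() + "\n"
# 19 characters, hex-looking, no "=" padding: the shape described in ticket #11.
BAD_RESPONSE = _HEADER + "mac_key:0123456789abcdef012\n"
```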