[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Simple Sign not so simple
> Perhaps it would have been better not to report at all rather than > report late. I don't think it's unreasonable to consider a higher bar for reopening a spec vs. just adding text to one that's still undergoing changes. At that point, clarifying issues that were apparently clear to most implementers is not the same as actual missing processing rules. > You guys are insiders (well, I guess I am too -- and I did not have problem > implementing, but I saw various pitfalls I reported) and the fact that > the insiders happen to think in like ways does not equate to it being > obvious to an outsider. The people that I knew implementing this originally were not insiders. So basically they were the guidance for us on what was confusing and what wasn't (heck, the whole spec changed because of their testing). It's not a question of inside vs. outside. Everybody thinks differently. > The success of OpenID has much to do with not burdening outsiders > with having to guess what the insider's intent was. I'll refrain from commenting on what I think its "success" is due to, but suffice to say that wouldn't be in my top 5. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]