threeqube
commented
12 years ago Comments from community call as reference:
@brianloveswords so an origin, by definition, is the protocol, hostname and port only. It's used in the case when some of the resources are relative (such as badge.image) to make a full URL. So it's not necessarily supposed to be the exact page where the information about the organization lives, but what the issuing domain is. With all that said, we could potentially use another field to specify where a person would actually go to get more information about the issuer?
Adrian from Makewav.es: Agree with the above. We have the same issue, now the orgin field is getting more valuable ( where the certificate/assertion is kept) its often very different to the url we want to send the user to. A seperate url to orgin field would be really useful Okay, good point, Adrian. Thanks.
@brianloveswords It might be useful to have another field in the issuer structure to say where the user can go to learn more about the actual issuing organization (did I paraphrase you right?) -- yep, this looks good -- would be awesome
@brettbixler This is exactly what is needed - we need to verify the issuer is legit.
I tried to hand-roll a badge. I was successful, but I discovered the issuer:origin field in badges cannot contain more than a root-level URL (the domain name). I wanted to use http://its.psu.edu/training, but the badge baker at http://beta.openbadges.org/baker?assertion=YourURL would not accept it. This is a concern for me, as our URL is indeed http://its.psu.edu/training.