OpenID breakage (Assembla/Google, Identi.ca, other sites?)

We've had a couple of recent reports of breakage of OpenID deployments.

An unresolved one:

https://mail1.eff.org/pipermail/https-everywhere-rules/2011-November/000789.html

And a possibly worked-around one:

https://mail1.eff.org/pipermail/https-everywhere-rules/2011-November/000789.html

added component::https everywhere/eff-https everywhere httpse-ruleset-bug owner::pde priority::medium severity::normal status::new type::defect labels

I speculate that there may be a problem in which OpenID implementations hash URLs, and these change when an s is added to the scheme. However this is pure speculation, I don't know much about OpenID yet.

Just recording another hackaround:

https://mail1.eff.org/pipermail/https-everywhere-rules/2011-November/000793.html

https://gitweb.torproject.org/https-everywhere.git/commitdiff/49c21fee1de0ce88dfbce283f0c2f28967c2b581

Here is a specific example of new MyOpenID breakage with latest 2.0.1 release:

Go to Toodledo.com, select login, then login using OpenID, on next screen enter a MyOpenID.com user name (make one up like xyz.MyOpenID.com or create one for yourself) & submit. You will receive a "Bad Redirect" error message at MyOpenID.com. Disabling the MyOpenID.com rule allows the login to work properly again. As I said, this just broke with the latest HTTPS Everywhere update!

If you need to contact me for clarification/screenshots/whatever, you can do so at SESmith2112 /at/ gmail dawt com.

I confirm this issue.

Might actually be a deeper issue than a simple ruleset change, but tagging anyway just in case.

Trac:
Keywords: N/A deleted, httpse-ruleset-bug added

I use myopenid.com and sometimes sourceforge.net as a relay to myopenid.com. Both works with toodledo.

User should be warned somehow that they should use the HTTPS scheme when they give their OpenID username.

Trac:
Username: zarel

Interesting. We probably need the fix (at a recommended-UI or specification level) to come from OpenID, then. How numerous and how independent are the deployed OpenID implementations?

I'll send a note to the OpenID Foundation and see if they can advise us about this.

The OpenID Foundation asked me to post on their forum, so I posted about the problem here:

https://getsatisfaction.com/openid/topics/openid_and_https_everywhere_url_rewriting

Set all open tickets without a severity to "Normal"

Trac:
Severity: N/A to Normal

mentioned in issue #5306 (moved)

moved to tpo/applications/https-everywhere-eff#4595 (closed)

mentioned in issue tpo/applications/https-everywhere-eff#5306 (closed)