i'm using dotnetopenauth to implement openid functionality, and things work fine, but yahoo throws up the standard 'yahoo cannot verify this site' message, which throws off some users. there's some info on fixing this, but i would think that i should use DNOA to do it, rather than wing it.
i found some info on why this may be happening, but was hoping that there's a way to configure DNOA to handle this on its own, so i'm not reinventing the wheel.
I would love to have DNOA fix it itself for every RP, but unfortunately the requirements of RP discovery mostly have to be implemented site-specifically. DNOA does not have insight, for example, to know what all the pages on your web site are that host openid login forms. And that information is required to fill out the XRDS document that is part of RP discovery.
One idea I was playing with is having the ASP.NET OpenID login controls host their own RP discovery documents, which would make everything just work, but at the huge risk that if the login page URL changed (much more likely than the domain name changing) all Google users would lose access to their accounts due to Google's directed identity feature. So it's best to link to the XRDS document from the web site home page, which DNOA doesn't have an HttpHandler for (if it did, you wouldn't control the homepage).