1 files changed, 15 insertions, 0 deletions

diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
index 00213d8..071a488 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/RelyingPartySecuritySettings.cs
@@ -111,6 +111,21 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		public bool RequireAssociation { get; set; }
 
 		/// <summary>
+		/// Gets or sets a value indicating whether identifiers that are both OP Identifiers and Claimed Identifiers
+		/// should ever be recognized as claimed identifiers.
+		/// </summary>
+		/// <value>
+		/// 	The default value is <c>false</c>, per the OpenID 2.0 spec.
+		/// </value>
+		/// <remarks>
+		/// OpenID 2.0 sections 7.3.2.2 and 11.2 specify that OP Identifiers never be recognized as Claimed Identifiers.
+		/// However, for some scenarios it may be desirable for an RP to override this behavior and allow this.
+		/// The security ramifications of setting this property to <c>true</c> have not been fully explored and
+		/// therefore this setting should only be changed with caution.
+		/// </remarks>
+		public bool AllowDualPurposeIdentifiers { get; set; }
+
+		/// <summary>
 		/// Filters out any disallowed endpoints.
 		/// </summary>
 		/// <param name="endpoints">The endpoints discovered on an Identifier.</param>