A while ago I added “just one more feature” and, not having a test department, broke the process for registering a new information card here at Identityblog. Predictably, I didn't see the problem because I've had my cards for, er, a while… Anyway, I got a whole pack of emails telling me about it – and I appreciate that – but didn't have the time to track it down. Thanks to all.
The problem was this:
People submitting a new card you would be sent an email asking them to click on a link to verify their email address. When they did so, rather than having their membership approved, they would receive a message that not a few readers qualified as “meaningless”. Others had saltier descriptions.
Anyway, I apologize – the problem was not with the Pamela Project's PHP code, but with a tweak I added when I changed the code to accept some experimental versions of claims selectors. I still don't have a test department, but as far as I can tell everything now works. Hint: login before leaving your comment.
I currently accept managed cards from federatedidentity.net without the need to validate. It's a slick experience. I'd be happy to accept other providers too – just send me the distinguished name used in your signing certificate.