--- Consumer.php 2008-10-30 13:50:13.000000000 +0100
+++ Consumer_matslin.php 2008-11-26 20:56:58.000000000 +0100
@@ -357,6 +357,7 @@
 $params2['openid.mode'] = 'check_authentication';
 $ret = $this->_httpRequest($server, 'POST', $params2, $status);
 if ($status != 200) {
+ $this->_setError("'Dumb' signature verification HTTP request failed");
 return false;
 }
 $r = array();
@@ -591,6 +592,7 @@
 } else if ($params['openid.session_type'] == 'DH-SHA1') {
 $params['openid.session_type'] = 'no-encryption';
 } else {
+ $this->_setError("The OpenID service responded with: " . $ret['error_code']);
 return false;
 }
 } else {
@@ -599,12 +601,15 @@
 }
 if ($status != 200) {
+ $this->_setError("The server responded with status code: " . $status);
 return false;
 }
 if ($version >= 2.0 &&
 isset($ret['ns']) &&
 $ret['ns'] != Zend_OpenId::NS_2_0) {
+ $this->_setError("The namespace definition in the server response was wrong.");
 return false;
 }
@@ -612,6 +617,15 @@
 !isset($ret['expires_in']) ||
 !isset($ret['assoc_type']) ||
 $params['openid.assoc_type'] != $ret['assoc_type']) {
+
+ if ($params['openid.assoc_type'] != $ret['assoc_type']) {
+ $this->_setError("The returned assoc_type differed from the supplied openid.assoc_type.");
+ }
+ else
+ {
+ $this->_setError("Missing required data from provider (assoc_handle, expires_in, assoc_type are required).");
+ }
+
 return false;
 }
@@ -624,6 +638,7 @@
 $version >= 2.0) {
 $macFunc = 'sha256';
 } else {
+ $this->_setError("Unsupported assoc_type.");
 return false;
 }
@@ -643,6 +658,7 @@
 !empty($ret['enc_mac_key'])) {
 $dhFunc = 'sha256';
 } else {
+ $this->_setError("Unsupported session_type.");
 return false;
 }
 if (isset($dhFunc)) {
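Review bot: The message added in the `@@ -357,6 +357,7 @@` hunk drops `$status`, although the matching `_associate` message in the `@@ -599,12 +601,15 @@` hunk includes it, so a failed direct-verification request cannot be told apart by status code in logs. I would write `$this->_setError("'Dumb' signature verification HTTP request failed with status code: " . $status);`. The rest of this function is outside the hunk; if its other `return false` branches (for example a negative verification answer from the provider) still set no error, they deserve their own distinct message, because a rejected signature is the outcome a relying party most wants to alert on.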
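Review bot: `$ret['error_code']` in the `@@ -591,6 +592,7 @@` hunk comes from the provider's response and is concatenated into the error string unfiltered; the `@@ -793,11 +812,11 @@` hunk then forwards it to the caller through `getError()`. A relying party that prints that message into a page or writes it to a log line will reproduce whatever the remote server sent, including markup or line breaks. Constrain it before embedding, for example `preg_replace('/[^A-Za-z0-9_-]/', '', substr((string) $ret['error_code'], 0, 64))`, or at least document on `getError()` that the text may contain remote data and must be escaped on output. Whether `error_code` is always set on this branch depends on the enclosing condition, which is outside the hunk.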
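Review bot: The inner test in the `@@ -612,6 +617,15 @@` hunk reads `$ret['assoc_type']` on a path the outer condition may have taken precisely because that key is not set, so a missing `assoc_type` raises an undefined-index notice and is reported as "differed" rather than "missing". Guard the comparison: `if (isset($ret['assoc_type']) && $params['openid.assoc_type'] != $ret['assoc_type']) {`. The `else` on its own line with the brace below it also departs from the `} else {` form used in the surrounding context lines. The first line of the outer condition is outside the hunk.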
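Review bot: The `else` branches in the `@@ -624,6 +638,7 @@` and `@@ -643,6 +658,7 @@` hunks are not reached only for an unknown type, so both new messages can name the wrong cause. The visible tails of the conditions, `$version >= 2.0) {` and `!empty($ret['enc_mac_key'])) {`, mean a recognised `assoc_type` on an older protocol version, or a recognised `session_type` with an empty `enc_mac_key`, would also be reported as "Unsupported". Wording such as `"Unsupported assoc_type for this protocol version."` and `"Unsupported session_type or missing enc_mac_key."` would not mislead. The earlier branches of both chains are outside the hunks, so this should be confirmed against the full conditions.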
@@ -653,16 +669,19 @@
 }
 $sec = Zend_OpenId::digest($dhFunc, $dhSec);
 if ($sec === false) {
+ $this->_setError("Could not create digest.");
 return false;
 }
 $secret = $sec ^ base64_decode($ret['enc_mac_key']);
 }
 if ($macFunc == 'sha1') {
 if (strlen($secret) != 20) {
+ $this->_setError("The length of the sha1 secret was wrong (!= 20).");
 return false;
 }
 } else if ($macFunc == 'sha256') {
 if (strlen($secret) != 32) {
+ $this->_setError("The length of the sha256 secret was wrong (!= 32).");
 return false;
 }
 }
@@ -793,11 +812,11 @@
 $claimedId = $id;
 if (!$this->_discovery($id, $server, $version)) {
- $this->_setError("Discovery failed");
+ $this->_setError("Discovery failed: " . $this->getError());
 return false;
 }
 if (!$this->_associate($server, $version)) {
- $this->_setError("Association failed");
+ $this->_setError("Association failed: " . $this->getError());
 return false;
 }
 if (!$this->_getAssociation(
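Review bot: The `$this->getError()` appended in the `@@ -793,11 +812,11 @@` hunk is only meaningful when the callee set an error on the path it actually took. This patch adds `_setError` calls to `_associate` but none to `_discovery`, so unless `_discovery` already sets one elsewhere, "Discovery failed: " will end in an empty string or in a stale message left by an earlier call; any `return false` in `_associate` not covered by these hunks has the same effect. Clearing the error just before each call, e.g. `$this->_setError('');`, and appending the detail only when it is non-empty would keep the message truthful. The `_getAssociation(` call at the end of the hunk continues outside it.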