Nope. You just need to pick a place and stick with it. The
reason why today everything folds into an XRDS document is because there is no
way of knowing what the user wanted to happen when they entered the URI. So XRD
provides the unified end-game and one record type has a higher priority in
selection.
EHL
From: sappenin@gmail.com
[mailto:sappenin@gmail.com] On Behalf Of David Fuelling
Sent: Monday, December 15, 2008 9:07 PM
To: Eran Hammer-Lahav
Cc: xri@lists.oasis-open.org
Subject: Re: [xri] URIMap element (was: XRD trusted discovery workflow)
On Mon, Dec 15, 2008 at 10:42 PM, Eran Hammer-Lahav <eran@hueniverse.com> wrote:
XRD
can describe any resource, even one without a URI such as the "site"
concept. The only differentiator is an XRD is linked to the resource. If the
resource has a URI, we use the workflow I described. /site-meta is really just
a pretend HTTP header for the "site" (because there is no other place
to stick that information – you can't GET a "site").
So it might help to think about /site-meta as the "HTTP header of the
site" where "site" is an abstract concept and not the root resource.
Also, XRD is a format for describing resources and their links to other
resources, so it can describe a "site" as well as resources
identified with a URI.
The "correct" way OpenID should work (this is just a straw man to
demonstrate my point):
* Claimed identifier can be any URI with an authority component
* Directed identity identifier can only be a domain name (no scheme, path, or
anything other than a port-less authority)
The RP should clearly ask the user if they want to use a claimed identifier
(tied to them and only them) or directed identity. If the first is selected,
the workflow described in my overview is used. If the user wants to use
directed identity, they enter the domain name (or select it) and the RP looks
for a Link record in /site-meta (not a template) pointing to the
"site" XRD. That XRD contains the directed identity information for
the site.
This is a subtle point, but something I'm curious about. If /site-meta is
like a collection of links "for the site" (in the abstract sense),
then could the RP look for a Link record in /site-meta that provides the OpenID
directed identity information required? Does it have to look for an
XRD, and *then* find the directed identity information for the site?
OpenID today is so semantically broken that it makes this discussion overly
confusing.
EHL
|