[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] <uri>element in <link> of XRD
--Apple-Mail-587--530638379 Content-Type: multipart/alternative; boundary=Apple-Mail-586--530638474 --Apple-Mail-586--530638474 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit If as we discussed on the call yesterday cannonicalID becomes Subject as in "the subject of the XRD" then we should consider having SubjectType at the XRD level. If the XRD is about the subject the type is really making a assertion about that subject. If the value of SubjrctType is "Person" then I am saying that the subject is an identifier for a person not a service etc. I think this also works if the Subject is not explicitly stated in the XRD. =jbradley On 30-Jan-09, at 2:36 AM, Eran Hammer-Lahav wrote: > It is (a) which does not guarantee that the descriptor of the > resource identified by the <URI> will have the value of the <URI> as > its subject. I know Brian has a similar requirement for his trust > proposal. > > Since this seems like a trust-related requirement, I will wait until > we have a more complete trust solution to comment on that. > > We still have an open question if the <ResourceType> element at the > <XRD> level should be called ResourceType or Type. At the <Link> > level we agreed on ResourceType. > > EHL > >> -----Original Message----- >> From: Nat Sakimura [mailto:n-sakimura@nri.co.jp] >> Sent: Thursday, January 29, 2009 7:28 PM >> To: XRI TC >> Subject: [xri] <uri>element in <link> of XRD >> >> Accroding to today's dicussion, it looks like XRD would look >> something >> like: >> >> <XRD sig="URI of the signature file" >> sigalg="http://www.w3.org/2000/09/xmldsig#rsa-sha1" certuri="pem file >> location"> >> <Subject>Unique_identifier</Subject> >> <SignerID>Unique_identifier</SignerID> >> <ResourceType>...</ResourceType> >> <link> >> <rel>My OpenID Provider</rel> >> <localid>mylocalid</localid> >> >> <ResourceType>http://specs.openid.net/auth/2.0/signon</ResourceType> >> <ResourceType>http://specs.openid.net/cx/1.0</ResourceType> >> <URI>https://example.com/server</URI> >> </link> >> <link> >> <rel>my age verification service</rel> >> <localid>...</localid> >> <ProviderID>https://sts.equifax.com/#20081203000000</ProviderID> >> <ResourceType>http://schemas.informationcard.net/@ics/age-18-or- >> over/2008-11</ResourceType> >> <URI>https://sts.equifax.com/</URI> >> </link> >> </XRD> >> >> >> My question is >> >> (1) Does <URI> points to >> (a) Service Endpoint >> (b) XRD address of the Service >> (c) <Subject> in the XRD of the Service. >> >> If it is not (c), then it would be really nice to have >> something like <Subject> at the <link> level so that >> we can potentially test that the destination really is the >> intended destination. >> >> =nat >> >> >> --------------------------------------------------------------------- >> To unsubscribe from this mail list, you must leave the OASIS TC that >> generates this mail. Follow this link to all your TCs in OASIS at: >> https://www.oasis-open.org/apps/org/workgroup/portal/ >> my_workgroups.php > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > --Apple-Mail-586--530638474 Content-Type: text/html; charset=US-ASCII Content-Transfer-Encoding: quoted-printable <html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; = -webkit-line-break: after-white-space; ">If as we discussed on = the call yesterday cannonicalID becomes Subject as in = "the subject of the XRD" then we should consider having SubjectType at = the XRD level.<div><br></div><div>If the XRD is about the subject the = type is really making a assertion about that = subject.</div><div><br></div><div>If the value of SubjrctType is = "Person" then I am saying that the subject is = an identifier for a person not a service = etc.</div><div><br></div><div>I think this also works if the Subject is = not explicitly stated in the = XRD.</div><div><br></div><div>=3Djbradley</div><div><br><div><div>On = 30-Jan-09, at 2:36 AM, Eran Hammer-Lahav wrote:</div><br = class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><div>It is = (a) which does not guarantee that the descriptor of the resource = identified by the <URI> will have the value of the <URI> as its = subject. I know Brian has a similar requirement for his trust = proposal.<br><br>Since this seems like a trust-related requirement, I = will wait until we have a more complete trust solution to comment on = that.<br><br>We still have an open question if the <ResourceType> = element at the <XRD> level should be called ResourceType or Type. At = the <Link> level we agreed on = ResourceType.<br><br>EHL<br><br><blockquote type=3D"cite">-----Original = Message-----<br></blockquote><blockquote type=3D"cite">From: Nat = Sakimura [<a = href=3D"mailto:n-sakimura@nri.co.jp">mailto:n-sakimura@nri.co.jp</a>]<br><= /blockquote><blockquote type=3D"cite">Sent: Thursday, January 29, 2009 = 7:28 PM<br></blockquote><blockquote type=3D"cite">To: XRI = TC<br></blockquote><blockquote type=3D"cite">Subject: [xri] = <uri>element in <link> of XRD<br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote type=3D"cite">Accroding to = today's dicussion, it looks like XRD would look = something<br></blockquote><blockquote = type=3D"cite">like:<br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote type=3D"cite"><XRD = sig=3D"URI of the signature file"<br></blockquote><blockquote = type=3D"cite">sigalg=3D"<a = href=3D"http://www.w3.org/2000/09/xmldsig#rsa-sha1">http://www.w3.org/2000= /09/xmldsig#rsa-sha1</a>" certuri=3D"pem = file<br></blockquote><blockquote = type=3D"cite">location"><br></blockquote><blockquote type=3D"cite"> = <Subject>Unique_identifier</Subject><br></blockquote><blockquo= te type=3D"cite"> = <SignerID>Unique_identifier</SignerID><br></blockquote><blockq= uote type=3D"cite"> = <ResourceType>...</ResourceType><br></blockquote><blockquote = type=3D"cite"> <link><br></blockquote><blockquote type=3D"cite"> = <rel>My OpenID = Provider</rel><br></blockquote><blockquote type=3D"cite"> = <localid>mylocalid</localid><br></blockquote><bloc= kquote type=3D"cite"><br></blockquote><blockquote = type=3D"cite"><ResourceType><a = href=3D"http://specs.openid.net/auth/2.0/signon">http://specs.openid.net/a= uth/2.0/signon</a></ResourceType><br></blockquote><blockquote = type=3D"cite"> <ResourceType><a = href=3D"http://specs.openid.net/cx/1.0">http://specs.openid.net/cx/1.0</a>= </ResourceType><br></blockquote><blockquote type=3D"cite"> = <URI><a = href=3D"https://example.com/server">https://example.com/server</a></URI= ><br></blockquote><blockquote type=3D"cite"> = </link><br></blockquote><blockquote type=3D"cite"> = <link><br></blockquote><blockquote type=3D"cite"> = <rel>my age verification = service</rel><br></blockquote><blockquote type=3D"cite"> = <localid>...</localid><br></blockquote><blockquote= type=3D"cite"> <ProviderID><a = href=3D"https://sts.equifax.com/">https://sts.equifax.com/</a>#20081203000= 000</ProviderID><br></blockquote><blockquote type=3D"cite"> = <ResourceType><a = href=3D"http://schemas.informationcard.net/@ics/age-18-or-">http://schemas= .informationcard.net/@ics/age-18-or-</a><br></blockquote><blockquote = type=3D"cite">over/2008-11</ResourceType><br></blockquote><blockquote = type=3D"cite"> <URI><a = href=3D"https://sts.equifax.com/">https://sts.equifax.com/</a></URI><br= ></blockquote><blockquote type=3D"cite"> = </link><br></blockquote><blockquote = type=3D"cite"></XRD><br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote type=3D"cite">My question = is<br></blockquote><blockquote type=3D"cite"><br></blockquote><blockquote = type=3D"cite">(1) Does <URI> points to<br></blockquote><blockquote = type=3D"cite"> (a) Service = Endpoint<br></blockquote><blockquote type=3D"cite"> = (b) XRD address of the = Service<br></blockquote><blockquote type=3D"cite"> = (c) <Subject> in the XRD of the = Service.<br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote type=3D"cite">If it is not = (c), then it would be really nice to have<br></blockquote><blockquote = type=3D"cite">something like <Subject> at the <link> level so = that<br></blockquote><blockquote type=3D"cite">we can potentially test = that the destination really is the<br></blockquote><blockquote = type=3D"cite">intended destination.<br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote = type=3D"cite">=3Dnat<br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote = type=3D"cite">------------------------------------------------------------= ---------<br></blockquote><blockquote type=3D"cite">To unsubscribe from = this mail list, you must leave the OASIS TC = that<br></blockquote><blockquote type=3D"cite">generates this mail. = Follow this link to all your TCs in OASIS = at:<br></blockquote><blockquote type=3D"cite"><a = href=3D"https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups= .php">https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.p= hp</a><br></blockquote><br><br>-------------------------------------------= --------------------------<br>To unsubscribe from this mail list, you = must leave the OASIS TC that<br>generates this mail. Follow this = link to all your TCs in OASIS at:<br><a = href=3D"https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups= .php">https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.p= hp</a><br><br></div></blockquote></div><br></div></body></html>= --Apple-Mail-586--530638474-- --Apple-Mail-587--530638379 Content-Disposition: attachment; filename=smime.p7s Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGrzCCAz8w ggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0 ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcx KDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0 ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxA dGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpB MSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUg UGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA xKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7d yfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/ p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDow OKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3Js MAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgw DQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A 9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYI Tq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8wggNoMIIC0aADAgECAhAd94+bIYviuSaQ w/qU/yWPMA0GCSqGSIb3DQEBBQUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNz dWluZyBDQTAeFw0wODEyMTIwMTU0MzFaFw0wOTEyMTIwMTU0MzFaMIGfMR8wHQYDVQQDExZUaGF3 dGUgRnJlZW1haWwgTWVtYmVyMR8wHQYJKoZIhvcNAQkBFhBqYnJhZGxleUBtYWMuY29tMR4wHAYJ KoZIhvcNAQkBFg9qYnJhZGxleUBtZS5jb20xHTAbBgkqhkiG9w0BCQEWDnZlN2p0YkBtYWMuY29t MRwwGgYJKoZIhvcNAQkBFg12ZTdqdGJAbWUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAxB2GGbZ5p8mVtg16CSDXeF8F3D+5sbs8L4b/YrHt/BvtQdE8GY202cUko/b/rXTUA0JC XZRDrOiH7ZxcqI4alJNel9AcSLepcdHN4+t2zhvWilm+YF0/r6m/1PikkVT9TWic61IZMpNWIUkk A+MWzEjChYPefdSMhxikhhMFZ0sv2qPE9pmdaPtD2uF4MwKnIzdZYo+X7rWoaXHIdsZwZDU3HdR5 rVuK5s9xvRED7TZgwE1/yHzHnTbedUWPdNNUlL24Jp3iiVzjZan8zOCn6x4b8O1QPN5b/FOZrerq FDZ2zhIBsWEcKdIxqIqPdVkrYvEfGBLMe1QIORu0J56L/QIDAQABo10wWzBLBgNVHREERDBCgRBq YnJhZGxleUBtYWMuY29tgQ9qYnJhZGxleUBtZS5jb22BDnZlN2p0YkBtYWMuY29tgQ12ZTdqdGJA bWUuY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEFBQADgYEADhjvX5w/BXN7OL5y1ZfydfmJ RKezNqugUDf8XbKmmMR/o+vjx395pBpO9QF8hQwtKNDuvoxLTNDMWdcCNbvaEpqREXc7liV9FfA5 ndAB1VgDqYDjY9M9LU54LH8uqEx7+pX6qa6KoR8eRHby9zi+iuSkJ4GLI59RBnVI54x4/acxggMQ MIIDDAIBATB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5 KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQHfeP myGL4rkmkMP6lP8ljzAJBgUrDgMCGgUAoIIBbzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwG CSqGSIb3DQEJBTEPFw0wOTAxMzAxNDUxNTZaMCMGCSqGSIb3DQEJBDEWBBQk7z7d47fyH2mE7r8g ot1kNdIkqjCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3Rl IENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWls IElzc3VpbmcgQ0ECEB33j5shi+K5JpDD+pT/JY8wgYcGCyqGSIb3DQEJEAILMXigdjBiMQswCQYD VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMj VGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEB33j5shi+K5JpDD+pT/JY8wDQYJ KoZIhvcNAQEBBQAEggEALKtqLdhF2K4qxRXSsetDBguJQJAmqoia+TvL+0+8dNkmvGPcWBrrBTd7 Bl7dRp3KlBVv01vogHigueYkuHMRkOV7D3moJZAGXkzXjcyHpUTeG/UItzTtT41mwB1ouKA872wI GsoOOjfCdwhgWMxflLpGgXVxbfO6PPo6/VjzGIpaxIq1Xsk6rUoJX4b7D3x42G/fbb3qhnMQ/njp 8Pa109r6XZqk2eNhGSTdNJIIp5pfiKdV+hSq+ZrO1+VE1NNcbanXsznF69rf/xIwoTsZtQgdouSH ui69pbCAxOnzF2KZ9zgfwoZp5ShlasvHOQFaBePyzDEHMG0gNfYcuMhx2QAAAAAAAA== --Apple-Mail-587--530638379--
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]