OASIS Mailing List Archives

xri message



Subject: questions about LRDD / OpenID


Hi Eran,

(Sorry, I'm not sure if the XRI TC list is right for this; please let me know if there's a better place to post these questions.)

Anyway, I read some of your wonderful drafts and blog posts, especially this one:
http://www.hueniverse.com/hueniverse/2009/03/xrdbased-openid-discovery.html

I have a few questions, which I think apply not only to OpenID, but to the LRDD architecture in general:

1. When performing LRDD on Joe's OpenID http://example.com/joe, you say that in step 3 the relying party gets the /host-meta file and looks for the "Link-Pattern" entry. My question is, shouldn't it also look for a "Link" entry?

[[draft-nottingham-site-meta-01]] says that a "Link" entry applies to all resources that share its authority (therefore it also applies to http://example.com/joe, right?). For example, the /host-meta file could contain the following entry:

Link: <http://example.com/;about>; rel="describedby"; type="application/xrd+xml"

And then from http://example.com/;about, you could discover the following XRD:

<XRD>
    <Subject>http://example.com/</Subject>
    <Type>http://openid.example.net/type/user</Type>
    <Link>
        <Rel>http://openid.example.net/rel/provider</Rel>
        <URI>http://provider.example.org</URI>
    </Link>
</XRD>

I'm not arguing whether this is good or bad in the specific case of OpenID (probably bad because of the non-matching <Subject> in the XRD), but the point is that in order to comply with the various mechanisms mentioned in LRDD, a relying party SHOULD understand a "Link" entry in /host-meta, right?

2. In LRDD, if the /host-meta file contains both a suitable "Link" entry and a suitable "Link-Pattern" entry, which one takes precedence?

3. It seems that XRD is now very similar to the various Link mechanisms. My question is, in your OpenID example, could the same goals be achieved without using XRD at all? E.g. when performing LRDD on Joe's OpenID http://example.com/joe, instead of discovering an XRD via describedby links, couldn't you also directly discover the OpenID provider:

LRDD method 1: <LINK> element
<LINK href="http://provider.example.org" rel="http://openid.example.net/rel/provider">

LRDD method 2: Link: HTTP header
Link: <http://provider.example.org>; rel="http://openid.example.net/rel/provider"

LRDD method 3: /host-meta file with Link or Link-Pattern entry
Link: <http://provider.example.org>; rel="http://openid.example.net/rel/provider"

Again, I'm not arguing whether this is good or bad, but I'm wondering if it would work. Do you expect that LRDD / OpenID implementations will support this?

If I understand your terminology correctly, this way you could jump directly to "Service Discovery", omitting the "Descriptor Discovery" step.

Markus
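
Added example, not part of the message above and not code from any LRDD or OpenID implementation: a relying-party sketch that reads the "Link" entry from question 1 out of /host-meta and then refuses the provider link when the XRD's <Subject> does not match the claimed identifier. The function names, the exact-string Subject comparison and the reject-on-mismatch policy are assumptions; "Link-Pattern" entries and the precedence raised in question 2 are deliberately left out.

```python
import re
import xml.etree.ElementTree as ET

# Inputs copied from the message: the host-meta "Link" entry and the XRD it points to.
HOST_META = 'Link: <http://example.com/;about>; rel="describedby"; type="application/xrd+xml"\n'
XRD = """<XRD>
    <Subject>http://example.com/</Subject>
    <Type>http://openid.example.net/type/user</Type>
    <Link>
        <Rel>http://openid.example.net/rel/provider</Rel>
        <URI>http://provider.example.org</URI>
    </Link>
</XRD>"""
PROVIDER_REL = "http://openid.example.net/rel/provider"

def parse_link_entries(host_meta):
    """Return [(target, params)] for each 'Link:' line; Link-Pattern lines are skipped."""
    entries = []
    for line in host_meta.splitlines():
        name, _, value = line.partition(":")
        if name.strip().lower() != "link":
            continue
        m = re.match(r'\s*<([^>]*)>(.*)', value)
        if not m:
            continue  # malformed entry: ignore rather than guess a target
        params = dict(re.findall(r';\s*([\w-]+)\s*=\s*"([^"]*)"', m.group(2)))
        entries.append((m.group(1), params))
    return entries

def descriptor_targets(host_meta):
    """URIs of descriptors advertised with rel="describedby"."""
    return [target for target, params in parse_link_entries(host_meta)
            if "describedby" in params.get("rel", "").split()]

def providers_for(xrd_xml, claimed_id):
    """Provider URIs from the XRD, only if its Subject equals the claimed identifier."""
    root = ET.fromstring(xrd_xml)
    subject = (root.findtext("Subject") or "").strip()
    if subject != claimed_id:
        # Assumed policy: a descriptor about a different resource proves nothing
        # about claimed_id, so none of its links are used.
        return []
    return [link.findtext("URI").strip() for link in root.findall("Link")
            if link.findtext("Rel", "").strip() == PROVIDER_REL and link.findtext("URI")]
```

With the message's own data, the site-wide descriptor is found for http://example.com/joe but yields no provider, because its Subject is http://example.com/.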


