RE: [xri] XRD delegated identifer element (was part of: questions about LRDD / OpenID)

["Drummond Reed" <drummond.reed@cordance.net>]

Title: Re: [xri] XRD delegated identifer element (was part of: questions about LRDD / OpenID)

The need for the Subject of an XRD to supply a contextualized identifier that allows a consuming application to identify the Subject in the context of a specific service to which the XRD is linked is a generic requirement that is not specific to OpenID. At a minimum XDI also has that use case, but I’ve also seen it in SAML. And since the primary metadata that XRDs deal in is: a) identifiers, b) links/rels, I believe we will be doing interoperability a big favor by defining this as a native XRD element.

 

Given that this element identifies the Subject relative to the target resource of the Link, <XRD:Link:RelativeSubject> seems to be semantically precise. But I am certainly open to other suggestions.

 

RE the other element discussing in this thread – the one used to provide a canonical URI for the resource that is the target of the link – I like <XRD:Link:Object> not just because it’s semantically precise with respect to the implicit RDF model, but because, as Eran says, it won’t be confused with <XRD:Subject> or <XRD:Alias>.

 

=Drummond

 

---

From: Eran Hammer-Lahav [mailto:eran@hueniverse.com]
Sent: Tuesday, March 24, 2009 1:35 PM
To: Drummond Reed; Will Norris; xri@lists.oasis-open.org
Subject: Re: [xri] XRD delegated identifer element (was part of: questions about LRDD / OpenID)

 

I’m mostly concerned about lack of other use cases (documented at least) for it other than OpenID. I think OpenID should use it but not sure it should be part of the schema.

EHL


On 3/23/09 10:52 AM, "Drummond Reed" <drummond.reed@cordance.net> wrote:

I'm latching onto the very last question Will put in his response to Markus'
XRD/LRDD questions this morning:

> To add one additional question... for the delegation use case, how is
> it expected that one would specify the OpenID delegate URL in XRD?  I
> can't think of any existing XRD element that would be suitable for
> this, so I'm assuming we are expecting OpenID Discovery to define a
> new Link sub-element, like they already do in XRDS?  Of course, if
> there is no delegate specified, you would just use the XRD Subject.

The "existing XRD element that would be suitable for this" is supposed to be
the LocalID element, listed near the bottom of
http://wiki.oasis-open.org/xri/XrdOne/XrdSchema. That was already the
element designed to replace the openid:delegate element for identifier
delegation in OpenID 2.0 discovery.

So, my first question is to confirm with Eran and everyone that this is
still the case, i.e., the <XRD:Link:LocalID> element is the element intended
to be used for identifier delegation by OpenID (or any other protocol that
needs local identifier delegation).

My second question is whether, if this is the case, we should (as we are
doing with all the other XRD 1.0 elements) revisit the semantics of the
element name itself and decide if there is a better alternative.

My third question is how this factors into trust verification, since you are
effectively asserting a synonym here.

Thoughts?

=Drummond


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php