[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes: Special XRI TC telecon on CanonicalID verification, Monday 2007-06-11
Following are the minutes of the XRI TC special telecon on extending Canonical ID verification to apply to URLs as well as XRIs. Date: Monday, 11 June 2007 USA Time: 1:00PM - 2:00PM Pacific Time ATTENDING Les Chasen Steve Churchill Markus Sabadello Gabe Wachob Wil Tan Johnny Bufu Drummond Reed We began the call by explaining the background of Canonical ID verification, and pointing attendees to the relevant XRI TC wiki page at: http://wiki.oasis-open.org/xri/XriCd02/CanonicalIdVerification This page was updated to add a new section 5 listing the proposed new uses cases for Canonical ID verification, all of which involve verifying that an HTTP(S) URI either is a synonym for a Canonical ID, or serves as a Canonical ID. We discussed the proposed solution introduced in a thread on the OpenID Specs list last week, and further discussed by Drummond and Steve this morning, of verifying an HTTP(S) URI via use of the XRD Backref element. The basic procedure is that if an HTTP(S) URI resolves to an XRDS which asserts a different identifier as a Canonical ID, then to be verified (with one exception -- see below) the Canonical ID MUST be resolved is resolved to a second XRDS which MUST include a Backref element with the original HTTP(S) URI. The one exception is that if the Canonical ID is a fragment or query component added to the original HTTP(S) URI. This does not require a second resolution step, because the Canonical ID is verifiably under the control of the same authority as the original HTTP(S) URI. This procedure should work for all combinations of HTTP(S) URIs and XRIs as starting identifier and as the Canonical ID. Johnny also gave us very useful input as to how this should be specified so it is of maximum usefulness to consumers of both the XRI specifications and the OpenID specifications. The action items are: #DRUMMOND to do a writeup on the XRI TC wiki page above of the proposed additional Canonical ID verification rules that apply when a HTTP(S) URIs is either the original or canonical identifier. #DRUMMOND to send a link to this page to Johnny and the OpenID Specs list for feedback. #STEVE to incorporate Markus's feedback to this Canonical ID verification graph model text and send to the list. #DRUMMOND AND STEVE to propose next text for Canonical ID verification (section 11) for XRI Resolution 2.0 Working Draft 11 Editor's Draft 03. #DRUMMOND AND STEVE to propose wording for how the OpenID Authentication 2.0 spec should best reference the relevant sections of the XRI Resolution 2.0 spec for XRI resolution, proxy resolution, and Canonical ID verification. =Drummond
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]