OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [xri] LocalID and CanonicalID in openID blog post from today.

John, first, thanks for the blog post, and second, yes I agree completely with you that only CanonicalIDs that meet the verification rules in XRI Resolution 2.0 Committee Draft 02 (http://docs.oasis-open.org/xri/2.0/specs/xri-resolution-V2.0.html) should verify. Anything else should not.




From: John Bradley [mailto:jbradley@mac.com]
Sent: Sunday, February 24, 2008 10:22 AM
To: Gabe Wachob
Cc: Markus Sabadello; XRI TC
Subject: Re: [xri] LocalID and CanonicalID in openID blog post from today.


Gabe your place in history is guaranteed:)


I can see use cases for not having a CID.  However openID isn't one of them in my opinion.


This makes it harder for me to be clear in my recommendations to RP authors.  


However its not like they are going to read or understand the XRI spec anyway.


Any feedback to the question I posted on Friday to the list re this issue?







On 23-Feb-08, at 10:49 PM, Gabe Wachob wrote:

I get the sense that there's a set of use cases that will be named after me!!! ;)

The "crazy whacked out theoretical weird stuff that Gabe keeps on talking about" use cases...


On Fri, Feb 22, 2008 at 9:19 AM, John Bradley <jbradley@mac.com> wrote:

I fixed the spelling mistake.  I am in good shape if that was the only one.


In the plaxo group we are digging into the specifics of the CID issue.  We have community authority servers in the wild allowing people to set anything they like as CID.


ie @xrid*hacker


<?xml version="1.0" encoding="UTF-8"?> <XRDS ref="xri://@xrid*hacker" xmlns="xri://$xrds"> <XRD xmlns="xri://$xrd*($v*2.0)"> <Query>*xrid</Query> <Status code="100"/> <Expires>2008-02-22T18:04:11.000Z</Expires> <ProviderID>xri://@</ProviderID> <LocalID priority="10">!94BB.B642.A6F3.CD9</LocalID> <CanonicalID priority="10">@!94BB.B642.A6F3.CD9</CanonicalID> <Service priority="10"> <Type select="true">xri://$res*auth*($v*2.0)</Type> <ProviderID>xri://@xrid</ProviderID> <Path match="null"/> <MediaType>application/xrds+xml;trust=none</MediaType> <URI priority="10">http://auth.xrid.net/</URI> </Service> <Service priority="100"> <Type match="none"/> <Path match="none"/> <MediaType match="none"/> </Service> </XRD> <XRD xmlns="xri://$xrd*($v*2.0)"> <Query>*hacker</Query> <Status code="241">Requested service endpoint not found.</Status> <CanonicalID>@xrid*hacker</CanonicalID> <Service priority="10"> <Type select="true">xri://$res*auth*($v*2.0)</Type> <Path match="null"/> <MediaType>application/xrds+xml;trust=none</MediaType> <URI priority="10">http://auth.xrid.net/!278/</URI> </Service> <Service priority="1"> <Type select="true">http://specs.openid.net/auth/2.0/signon</Type> <URI append="qxri">http://www.myopenid.com/server?qxri=</URI> <LocalID>http://polyonymous.myopenid.com/</LocalID> </Service> <Service priority="5"> <Type select="true">http://openid.net/signon/1.0</Type> <URI>http://www.klever.net/openid/server</URI> <Delegate xmlns="http://openid.net/xmlns/1.0">http://hacker.klever.net/</Delegate> </Service> </XRD> </XRDS>


Yes the CID in the final XRD is @xrid*hacker. People entering there own CIDs presents interesting questions.


The discussion is towards the end of the "Thread-Safe - XRI & openID 2.0 questions" thread.


I didn't want to confuse the issue with edge cases.  

From an RP point of view every XRD MUST have a CID that passes validation,  otherwise they shouldn't be logging in.


Yes there are other use cases where not having a CID makes sense (Gabe).  

However I would like to discourage the use of CIDs that are not validate-able by the resolver.



On 22-Feb-08, at 8:34 AM, Markus Sabadello wrote:

Hmm cool post.. First text I read about actual applications of 2.0 resolution.

- I think according to the specification it's not really true that in XRI resolution you must always have a CanonicalID on the XRD level, but for the purpose of blogging about this topic it's probably better to say it the way you did :)

- Did you mean to say that CIDs are "non-reasonable" identifiers, or is that supposed to say "non-reassignable"?

- The idea of using the SEP LocalID for OpenID delegation is great.. I think right now implementations use <openid:Delegate>, but <LocalID> sounds much more reasonable.

- It would also be interesting to consider how EquivID and CanonicalIDEquiv would fit into this scenario.


On Thu, Feb 21, 2008 at 11:59 PM, John Bradley <jbradley@mac.com> wrote:

As promised the blog post on LocalID and CanonicalID in openID



To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS



Gabe Wachob / gwachob@wachob.com \ http://blog.wachob.com


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]