[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] XRD: Separating resource descriptions from authority
--Apple-Mail-216--785924352 Content-Type: multipart/alternative; boundary=Apple-Mail-215--785924555 --Apple-Mail-215--785924555 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit I have always thought about an XRD as being about an entity. That entity has one identity that is canonical and may have any number of aliases that resolve to meta data about the entity. In XRI entities are "non-information resources", in the XRD spec things are complicated in that the meta-data may be associated with a "information resource" or "non-information resource". The entity described by the XRD may have any number of "relationships" to services. All of the statements in an XRD are considered self asserted by the cannonicalID entity. The validity of the alias otherwise known as equivid are verified by resolving them and assuring yourself they resolve to the same verified cannionicalID. For Services/relationsips we have the LocalID element. This indicates that the XRD entity is asserting that that the entity referd to by that relationship know it by somme other identifier indicated by the LocalID element. This is how openID delegation works currently. As a service/relationship currently only has one LocalID element I would say that if you have multiple URI elements in a service/ relationship they need to refer to the same target entity. If you have multiple relationships for the same type of service they should each be separate service/relationship elements. =jbradley On 27-Jan-09, at 8:44 AM, Nat Sakimura wrote: > > > -------------------------------------------------- > From: "Dirk Balfanz" <balfanz@google.com> > Sent: Tuesday, January 27, 2009 1:14 PM > To: "Eran Hammer-Lahav" <eran@hueniverse.com> > Cc: <xri@lists.oasis-open.org> > Subject: Re: [xri] XRD: Separating resource descriptions from > authority > >> On Mon, Jan 26, 2009 at 7:51 PM, Eran Hammer-Lahav <eran@hueniverse.com >> > wrote: >>>> > The CanonicalID seems to be used exclusively for trust, which >>>> makes me >>>> > wonder if we shouldn't add a separate trust element that is >>>> about the > XRD >>>> > and not about the resource. One such idea looks like this: >>>> >>>> To be honest, I'm not quite sure what the difference of <About> and >>>> <CanonicalID> is, but then I've only thought about this in the >>>> context >>>> of OpenID discovery. If you give us <About>, I don't think we need >>>> <CanonicalID>, at least not for OpenID discovery :-) >>> >>> You can have a single <CanonicalID> but many <About>s. >> >> Ah, but only if the answer to one of your other questions is that one >> XRD can be about multiple resources, right? >> > > No. It is the case of one resource with multiple uri. > > =nat > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php --Apple-Mail-215--785924555 Content-Type: text/html; charset=US-ASCII Content-Transfer-Encoding: quoted-printable <html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; = -webkit-line-break: after-white-space; ">I have always thought about an = XRD as being about an entity.<div><br></div><div>That entity has one = identity that is canonical and may have any number of aliases = that resolve to meta data about the entity.</div><div><br></div><div>In = XRI entities are "non-information resources", in the XRD spec things are = complicated in that the meta-data may be associated with a "information = resource" or "non-information resource".</div><div><br></div><div>The = entity described by the XRD may have any number of "relationships" to = services.</div><div><br></div><div>All of the statements in an XRD = are considered self asserted by the cannonicalID = entity.</div><div><br></div><div>The validity of the alias otherwise = known as equivid are verified by resolving them and assuring yourself = they resolve to the same verified = cannionicalID.</div><div><br></div><div>For Services/relationsips we = have the LocalID element. This indicates that the XRD entity is = asserting that that the entity referd to by = that relationship know it by somme other identifier indicated = by the LocalID element.</div><div>This is how openID delegation works = currently.</div><div><br></div><div>As a = service/relationship currently only has one LocalID element I would = say that if you have multiple URI elements in a = service/relationship they need to refer to the same target = entity.</div><div><br></div><div>If you have multiple relationships for = the same type of service they should each be separate = service/relationship = elements.</div><div><br></div><div>=3Djbradley</div><div><br></div><div><b= r><div><div>On 27-Jan-09, at 8:44 AM, Nat Sakimura wrote:</div><br = class=3D"Apple-interchange-newline"><blockquote = type=3D"cite"><div><br><br>-----------------------------------------------= ---<br>From: "Dirk Balfanz" <<a = href=3D"mailto:balfanz@google.com">balfanz@google.com</a>><br>Sent: = Tuesday, January 27, 2009 1:14 PM<br>To: "Eran Hammer-Lahav" <<a = href=3D"mailto:eran@hueniverse.com">eran@hueniverse.com</a>><br>Cc: = <<a = href=3D"mailto:xri@lists.oasis-open.org">xri@lists.oasis-open.org</a>><br>= Subject: Re: [xri] XRD: Separating resource descriptions from = authority<br><br><blockquote type=3D"cite">On Mon, Jan 26, 2009 at 7:51 = PM, Eran Hammer-Lahav <<a = href=3D"mailto:eran@hueniverse.com">eran@hueniverse.com</a>> = wrote:<br></blockquote><blockquote type=3D"cite"><blockquote = type=3D"cite"><blockquote type=3D"cite">> The CanonicalID seems to be = used exclusively for trust, which makes = me<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote type=3D"cite">> = wonder if we shouldn't add a separate trust element that is about the > = XRD<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote type=3D"cite">> and = not about the resource. One such idea looks like = this:<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote = type=3D"cite"><br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote type=3D"cite">To be = honest, I'm not quite sure what the difference of <About> = and<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote = type=3D"cite"><CanonicalID> is, but then I've only thought about this = in the context<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote type=3D"cite">of = OpenID discovery. If you give us <About>, I don't think we = need<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite"><blockquote = type=3D"cite"><CanonicalID>, at least not for OpenID discovery = :-)<br></blockquote></blockquote></blockquote><blockquote = type=3D"cite"><blockquote = type=3D"cite"><br></blockquote></blockquote><blockquote = type=3D"cite"><blockquote type=3D"cite">You can have a single = <CanonicalID> but many = <About>s.<br></blockquote></blockquote><blockquote = type=3D"cite"><br></blockquote><blockquote type=3D"cite">Ah, but only if = the answer to one of your other questions is that = one<br></blockquote><blockquote type=3D"cite">XRD can be about multiple = resources, right?<br></blockquote><blockquote = type=3D"cite"><br></blockquote><br>No. It is the case of one resource = with multiple uri.<br><br>=3Dnat = <br><br>------------------------------------------------------------------= ---<br>To unsubscribe from this mail list, you must leave the OASIS TC = that<br>generates this mail. Follow this link to all your TCs in = OASIS at:<br><a = href=3D"https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups= .php">https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.p= hp</a> <br></div></blockquote></div><br></div></body></html>= --Apple-Mail-215--785924555-- --Apple-Mail-216--785924352 Content-Disposition: attachment; filename=smime.p7s Content-Type: application/pkcs7-signature; name=smime.p7s Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGrzCCAz8w ggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0 ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcx KDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0 ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxA dGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpB MSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUg UGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA xKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7d yfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/ p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDow OKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3Js MAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgw DQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A 9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYI Tq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8wggNoMIIC0aADAgECAhAd94+bIYviuSaQ w/qU/yWPMA0GCSqGSIb3DQEBBQUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNz dWluZyBDQTAeFw0wODEyMTIwMTU0MzFaFw0wOTEyMTIwMTU0MzFaMIGfMR8wHQYDVQQDExZUaGF3 dGUgRnJlZW1haWwgTWVtYmVyMR8wHQYJKoZIhvcNAQkBFhBqYnJhZGxleUBtYWMuY29tMR4wHAYJ KoZIhvcNAQkBFg9qYnJhZGxleUBtZS5jb20xHTAbBgkqhkiG9w0BCQEWDnZlN2p0YkBtYWMuY29t MRwwGgYJKoZIhvcNAQkBFg12ZTdqdGJAbWUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAxB2GGbZ5p8mVtg16CSDXeF8F3D+5sbs8L4b/YrHt/BvtQdE8GY202cUko/b/rXTUA0JC XZRDrOiH7ZxcqI4alJNel9AcSLepcdHN4+t2zhvWilm+YF0/r6m/1PikkVT9TWic61IZMpNWIUkk A+MWzEjChYPefdSMhxikhhMFZ0sv2qPE9pmdaPtD2uF4MwKnIzdZYo+X7rWoaXHIdsZwZDU3HdR5 rVuK5s9xvRED7TZgwE1/yHzHnTbedUWPdNNUlL24Jp3iiVzjZan8zOCn6x4b8O1QPN5b/FOZrerq FDZ2zhIBsWEcKdIxqIqPdVkrYvEfGBLMe1QIORu0J56L/QIDAQABo10wWzBLBgNVHREERDBCgRBq YnJhZGxleUBtYWMuY29tgQ9qYnJhZGxleUBtZS5jb22BDnZlN2p0YkBtYWMuY29tgQ12ZTdqdGJA bWUuY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEFBQADgYEADhjvX5w/BXN7OL5y1ZfydfmJ RKezNqugUDf8XbKmmMR/o+vjx395pBpO9QF8hQwtKNDuvoxLTNDMWdcCNbvaEpqREXc7liV9FfA5 ndAB1VgDqYDjY9M9LU54LH8uqEx7+pX6qa6KoR8eRHby9zi+iuSkJ4GLI59RBnVI54x4/acxggMQ MIIDDAIBATB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5 KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQHfeP myGL4rkmkMP6lP8ljzAJBgUrDgMCGgUAoIIBbzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwG CSqGSIb3DQEJBTEPFw0wOTAxMjcxNTU3MTBaMCMGCSqGSIb3DQEJBDEWBBT+odvs/rRSIkOfZSD9 BnOT7bBWlzCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3Rl IENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWls IElzc3VpbmcgQ0ECEB33j5shi+K5JpDD+pT/JY8wgYcGCyqGSIb3DQEJEAILMXigdjBiMQswCQYD VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMj VGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEB33j5shi+K5JpDD+pT/JY8wDQYJ KoZIhvcNAQEBBQAEggEAT+UhN8LA8zP48SXHqdamA6SL2S5Z13av6DbfAjwRHnBnuNi/3y44nKCW 12jX7rXsiYXWGDIP2Nmyy61x9I9t3OyPeTH1rD1QGlHQmeqb33B2Qq5xU00b+tNq1sbcfxhmsGsV i3D0ikgLYMevqeTAv5ivRavHjR5QE6MUbmJ6fpD0gj4ppemg5c4MqNeSTyZK4IE1LbcUa1hZSCQp GKQWy77lT9L2n45Pt87OlD+BA7SGbG5UCh41O9XiksgoMdqYF3wb5TiR13CZBE5F14ST8OMVzb1M chIqYXkTIRR0D8EjqXtFty8Flng2gAnh0q1KOAuqNT6yhavd0ZuThZ8aUwAAAAAAAA== --Apple-Mail-216--785924352--
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]