[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes: XRI TC Telecon 2-3PM PT Thursday 2009-02-05
Following are the minutes of the unofficial telecon of the XRI TC at: Date: Thursday, 05 February 2009 USA Time: 2:00PM - 3:00PM Pacific Time (22:00-23:00 UTC) ATTENDING Markus Sabadello John Bradley Nick Nicholas Drummond Reed Peter Davis Brian Eaton Tatsuki Sakushima Eran Hammer-Lahav REGRETS Nat Sakimura AGENDA 1) DNS DISCOVERY UPDATE Peter and Brian have been having a conversation about the DNS trust profile. The thread starts here: http://lists.oasis-open.org/archives/xri/200902/msg00016.html The DNS Authority Trust Profile is here: http://wiki.oasis-open.org/xri/XrdOne/TrustProfileDNSAuthority Brian said that in the HTTP authority trust profile, you "know what you are looking for before you leave home". In the DNS trust profile, he feels that the first step is asking "someone else" for the binding between the identifier that you start with, and that introduces the trust issue. Brian feels that the XRD that's returned must have a signed statement that it is about the identifier about which you performed discovery. This "resource-name-to-document-binding" should be something you can verify by a signature on the document. He said there is an explicit requirement that you should be able to follow any number of intermediate redirects and at the point when you finally obtain a discovery document, that's when you can verify the document is authoritative to the resource name (identifier) that you started with. Drummond summarized that was the issue he was discussing with Brian in email in December. XRI has long had the use case that you need to be able to start with identifier A, discovery identifier B (with XRD B), identifier C (with XRD C), and so on, until you end out with XRD X that says it describes identifier X. By verifying each step in the process, you verify that identifier A and identifier X are synonyms for the same resource. John pointed out that with URIs, the ability to have synonyms may be constrained by the host that has the signing certificate. The action items were: # PETER will review Brian's HTTP Authority Trust Profile and add points to his DNS trust profile to harmonize them. 2) XRD 1.0 - CONTEXT URI DISCUSSION Eran explained that the HTTP Resource Descriptor Discovery (HRDD) spec is about obtaining the descriptor for the resource identified by a URI. Although HTTP is the protocol described for obtain the XRD, it doesn't matter how many redirects may be involved. Also, the HTTP response code from a link header is not relevant - only the link header itself. Eran also explained that a chain of URIs may delegate to each other, and a set of XRDs that delegate to each other (an XRD may delegate all of itself - or just a link - to another XRD). This is where trust comes in. Eran explain that the HRDD spec cannot do anything else because /host-meta (formerly /site-meta) and link elements cannot deal with redirects or return codes. All three mechanisms must be parallel; all three can only accept one URI and give you the XRD associated with it. Thus any response code, other than the final 200 when obtaining a valid XRD, are out-of-scope. (Eran described HTTP 300 response codes and the fact that they can return multiple URIs. This can be used for what is called "transparent content negotiation".) So Eran is updating the HRDD draft to reflect this new separation between URIs resolution and XRDs. # ERAN is working out to push this new HRDD draft. The new /host-meta draft is ready and going through checks. A new Link Header draft is also part of this package. 3) XRD 1.0 - OTHER DISCOVERY/SCHEMA ISSUES Eran has been focused mostly on discovery so the schema work is lagging. # ERAN will post an summary of the schema to the mailing list. (DONE) 4) NEXT CALL & SELF-SERVE AGENDA PAGE A reminder to use the self-serve agenda page for next Tuesday's call: http://wiki.oasis-open.org/xri/SelfServeAgenda
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]