[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [xri] <Link> Semantics
As a follow-up. This wiki page, updated after the latest OpenID UX summit, uses the same approach. http://wiki.openid.net/Details-of-UX-Best-Practices-for-RPs Thanks, George George Fletcher wrote: > > I see a couple of options... but I'm not sure I've seen any consensus. > The two options I see are to use multiple <Rel> elements or multiple > <Type> elements (or a combination of both). However, this gets to how > much information should be in the XRD associated with the user's OpenID. > For example, the user's XRD could just point to OpenID provider(s) and > the service reading the XRD would need to fetch the XRD for each OP in > order to determine which services that OP supports. This means extra > fetches but might be the cleanest. This is what is proposed below. > > XRD for the OpenID: > > <XRD> > <Expires></Expires> > <Subject>https://user.op.example.com</Subject> > <Type>http://specs.openid.net/personal</Type> > <Link> > <Rel>http://openid.net/signon/1.0</Rel> > <URI>https://op.example.com</URI> > </Link> > <Link> > <Rel>http://specs.openid.net/auth/2.0/signon</Rel> > <URI>https://op2.example.com</URI> > <LocalID>https://user.op2.exampe.com</LocalID> > </Link> > </XRD> > > XRD for the https://op.example.com: > > <XRD> > <Expires></Expires> > <Subject>https://op.example.com</Subject> > <Type>http://openid.net/extensions/sreg/1.1</Type> > <Type>http://specs.openid.net/extensions/pape/1.0</Type> > > <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> > <Link> > <Rel>http://openid.net/signon/1.0</Rel> > <URI>https://op.example.com/auth</URI> > </Link> > </XRD> > > XRD for the https://op2.example.com: > > <XRD> > <Expires></Expires> > <Subject>https://op2.example.com</Subject> > <Type>http://openid.net/srv/ax/1.0</Type> > <Type>http://specs.openid.net/extensions/pape/1.0</Type> > > <Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> > <Link> > <Rel>http://specs.openid.net/auth/2.0/signon</Rel> > <URI>https://op2.example.com/auth</URI> > </Link> > </XRD> > > Please poke holes:) I'm curious as to whether others were thinking along > the same lines. I tried to find all the correct <Type> values either > from real XRDS files currently in use and/or the specifications > themselves. Note that I just made up a value for the <Type> in the XRD > for the OpenID. > > Thanks, > George > > Drummond Reed wrote: > > > > Although I'm too tired on a Friday night to try it myself right now, I > > played briefly with different scenarios for doing this over IM with Nat > > after yesterday's call. > > > > What I would love is if someone would contribute before the next > > telecon two > > fully-fleshed out example XRDs in the new proposed schema > > (http://wiki.oasis-open.org/xri/XrdOne/XrdSchema) that illustrate the > > following typical OpenID scenario: > > > > 1) An OP user's XRD that references the OP's XRD and includes links for > > OpenID 1.1, and OpenID 2.0 with SREG and PAPE support. > > > > 2) The OP's XRD that describes the OP's endpoints for both services > above. > > > > These examples would go a long ways towards closing this question, and > > would > > likely serve double duty because we could use them as the basis for > > examples > > we would use in the XRD 1.0 spec. > > > > If it's easier to just post these examples to the list, I'll > volunteer to > > transcribe them to the wiki. > > > > Thanks, > > > > =Drummond > > > > > -----Original Message----- > > > From: Nat Sakimura [mailto:n-sakimura@nri.co.jp] > > > Sent: Thursday, March 12, 2009 10:18 PM > > > To: XRI TC > > > Subject: [xri] <Link> Semantics > > > > > > Hi. > > > > > > I screwed up the DST that I called in one hour late today... > > > (Hey, it is still the second week of March!) > > > > > > Anyways: > > > > > > From what I heard over a pretty noisy international telephone line, > > > I think I heard something tlike <Link> always represents a > relationship > > > between > > > the resource described by the XRD (identified canonically by the > > > XRD:Subject element) and another target resource. > > > > > > My first question is: Could this target resource be oneself? > > > > > > In case of OpenID, both user and the OP has XRD. > > > User's <Link> elements describes which OP endpoints he wishes to use. > > > OP needs to express his target endpoint in his XRD somehow. > > > Traditionally, it was done in <Service>. Is it now <Link> that does > > this? > > > > > > If that is true, we now have no <Type> inside <Link>. > > > How do we express that <Link> is representing for example OpenID 2.0 > > AuthN > > > endpoint? > > > > > > Regards, > > > > > > =nat > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe from this mail list, you must leave the OASIS TC that > > > generates this mail. Follow this link to all your TCs in OASIS at: > > > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe from this mail list, you must leave the OASIS TC that > > generates this mail. Follow this link to all your TCs in OASIS at: > > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. Follow this link to all your TCs in OASIS at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > -- Chief Architect AIM: gffletch Identity Services Work: george.fletcher@corp.aol.com AOL LLC Home: gffletch@aol.com Mobile: +1-703-462-3494 Office: +1-703-265-2544 Blog: http://practicalid.blogspot.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]