[OpenID] is openid 2.0 a lightweight identity system?

Chasen, Les les.chasen at neustar.biz
Sat Feb 10 18:49:43 UTC 2007 

You can request to view an XRDS document of any XRI by asking the
resolver for it.  Here is an example for my iname,
http://xri.net/=les?_xrd_r=application/xrds%2bxml

The _xrd_r parameter tells the resolver, in this case the global proxy
resolver, for the XRDS document for =les.  Some services that I
advertise other than my OpenId SSO one are:

My contact page:  http://xri.net/=les
My SIP phone:  http://xri.net/=les/+phone
My Skype chat:  http://xri.net/=les/skype/chat

I could also hide those behind my forwarding service that all XRI
i-brokers (http://inames.net/register.html) provide.  

If you have http://xri.net/=wil 's firefox plugin (FoXRI) you can drop
the http://xri.net and just request the i-name.  His plugin display's
the XRDS document in a more human friendly explorer format.  Try it out,
http://foxri.sourceforge.net/.

I think I have seen answers to all the questions on this thread but if
there are others please let us know.  As Gabe pointed out we are
attempting to provide digestable information at http://dev.inames.net.
His 'busy developer's guide'
(http://dev.inames.net/wiki/XRI_Busy_Web_Developer%27s_Guide) and
Steve's 'CanonicalId verification'
(http://dev.inames.net/wiki/XRI_CanonicalID_Verification) are good
reads.

=les
 
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net]
On
> Behalf Of Johannes Ernst
> Sent: Friday, February 09, 2007 12:29 PM
> To: Simon Willison
> Cc: general at openid.net
> Subject: Re: [OpenID] is openid 2.0 a lightweight identity system?
> 
> I think one way of answering most of these questions in one big swoop
> is by pointing you to some XRDS files that have more than just OpenID
> auth in them.
> I volunteer
>      http://mylid.net/jernst?meta-capabilities   (the URI to the
> Yadis file associated with my mylid.net openid)
> which has a bunch of stuff in it.
> 
> Maybe others have examples, too.
> 
> 
> 
> On Feb 9, 2007, at 0:18, Simon Willison wrote:
> 
> > On 2/9/07, Johannes Ernst <jernst+openid.net at netmesh.us> wrote:
> >> This is a misunderstanding. XRDS is crucial if OpenID ever wants to
> >> grow beyond authentication, because it captures the meta-data
that's
> >> needed to say which service types are available and where for a
given
> >> identifier (aka OpenID URL).
> >
> > That's exactly the kind of answer I was looking for. Now help me
> > understand:
> >
> > 1. How XRDS helps OpenID grow beyond authentication.
> > 2. Why OpenID growing beyond authentication is a good idea - what
kind
> > of additional problems does that let us solve?
> > 3. Why can't those problems be solved as separate extensions to the
> > OpenID spec? Is it really necessary for XRDS to be in core OpenID -
> > does it act as a kind of plug-in mechanism without which extending
> > OpenID would be significantly less likely to achieve consensus, for
> > example?
> >
> > One of my favourite things about the original OpenID spec was that
it
> > took one very small problem - authentication over the Web - and
/just/
> > solved that, in the same vein as the Unix philosophy of building
small
> > tools that only do one thing.
> >
> > The first paragraph of the OpenID 2.0 spec states the following:
> >
> > """
> > OpenID Authentication provides a way to prove that an end user
> > controls an Identifier. It does this without the Relying Party
needing
> > access to end user credentials such as a password or to other
> > sensitive information such as an email address.
> > """
> >
> > There's nothing there about growing beyond authentication or
meta-data
> > about service types. I'll be completely honest here: I don't
> > understand what "service type" or "service" actually means. The
OpenID
> > 2.0 spec doesn't help me here - as far as I can tell, a "service" is
> > anything that fits in an <xrd:Service> element.
> >
> > The YADIS spec has an implementor's glossary, but isn't actually any
> > more useful as it recursively defines a "Service" as "A service
> > provided by a Yadis Resource" and a "Yadis Resource" as "A computer
> > software process (or system of processes)
> > that provides oneYadis Protocol".
> >
> > The XRI Resolution spec does only slightly better, defining "Service
> > Endpoints" as "descriptors of concrete URIs at which network
services
> > are available for the
> > target resource".
> >
> > I'm now three specs in and I still don't know what a service is! I'm
> > obviously missing something critically important here.
> >
> > Since I don't like complaining about things without at least trying
to
> > offer a solution, here are my first proposed questions for an OpenID
> > FAQ:
> >
> > 1. When the OpenID / Yadis / XRI Resolution specifications talk
about
> > a "service", what do they mean? Are they all talking about the same
> > concept?
> >
> > 2. Why is XRDS a useful component of the OpenID 2.0 specification?
> >
> > 3. If XRDS' main function is to allow OpenID to grow beyond
> > authentication, how does that fit with the stated aim of solving
just
> > one part of the overall authentication problem? Is that aim still
part
> > of the OpenID philosophy?
> >
> > Question 3 isn't really suitable for an FAQ, but I'd personally love
> > to know the answer. Maybe OpenID 2.0 needs an updated philosophy
> > statement.
> >
> > Cheers,
> >
> > Simon
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list