[OpenID] URL normalization issues

John Panzer jpanzer at aol.net
Fri Mar 23 18:52:52 UTC 2007

Gabe Wachob wrote:
> RFC 2616 is very clear about what to do: http://example.com and
> http://example.com/ should be equivalent. Again, see section 3.1.2 of RFC
> 2616. 
> Furthermore, I'm not sure why we have to talk about a "normalized" form. If
> all implementations comply with RFC 2616, section 3.1.2, then it doesn't
> matter whether a component is presented with http://example.com or
> http://example.com/, it should do the same thing (ie it should treat the two
> as equivalent). 
> And I don't see why it matters that some web browsers want to redirect
> http://example.com/foo to http://example.com/foo/ - you should be able to
> reconfigure a server not to do that, if it causes problems for OpenID. 
Given two hCards,

<a class="url fn uid" href="http://example.com/foo">Foo Bar</a>
<a class="url fn uid" href="http://example.com/foo/">F. Bar</a>

should I consider these two identities equivalent, or not?[1]  Or is 
there a way to resolve them by asking the servers (not doing an auth 
check, just a canonicalization check of some kind)? 

Perhaps this is an hCard problem, but I think it will pop up in other 
contexts as well and hopefully the answers would be the same regardless 
of context.


[1] "uid" is used if you have a globally unique identifier for a given 
identity.  The recommendation from the microformats community is to use 
"uid" as a hint that your URL is also usable as a unique identifier.

More information about the general mailing list