[OpenID] general Digest, Vol 28, Issue 204

John Bradley john.bradley at wingaa.com
Mon Dec 29 18:52:05 UTC 2008 

Peter,

XDI is a RDF data service that uses XRI for addressing data.  Think  
SPARQL with security.

XRI proxy servers will select a sep for backwards compatibility with  
existing browsers and give you a 302 redirect to the URI element of  
the SEP.  This is based on standard XRI service selection criteria.

We will be changing the 302 to a 303 in the next version of the spec  
to make it more AWWW friendly.

You may want to look at my XRDS =jbradley for some creative things  
using content negotiation and HXRI proxys.

It is possible to run your own XRI authority server to serve the XRDS  
documents as a community registry.

In the next version of XRI we intend to make it easier for people to  
run there own XRI registries using a URI cross ref for the first  
subsegment.

iBrokers currently offer a service called a forwarding service.  This  
is separate from using the XRDS to do the forwarding.  The forwarding  
service is normally configured as the default service for queries with  
a path component.

The HXRI proxy uses URI construction to create a new URI that is  
passed to the forwarding service.  The forwarding service then  
performs a redirect.   The forwarding service itself is not a part of  
XRI, rather it is a value add provided by iBrokers.

None of this redirection applies to openID discovery directly.

Currently the URI rewriting rules are quite simple like appending the  
Query XRI etc.

The TC is looking at expanding URI construction rules in the new XRD  
spec.

I am not quite certain what you are trying to achieve,  but I suspect  
that XRI  is probably not the best thing to use as a URI rewriting and  
forwarding service.  That really was only intended as a backwards  
compatibility feature for existing web browsers.

Feel free to email me directly.

Regards
=jbradley



On 29-Dec-08, at 3:11 PM, general-request at openid.net wrote:

> Message: 1
> Date: Mon, 29 Dec 2008 09:31:48 -0800
> From: Peter Williams <pwilliams at rapattoni.com>
> Subject: Re: [OpenID] XDI cross-references
> To: "general at openid.net" <general at openid.net>
> Message-ID:
> 	<BFBC0F17A99938458360C863B716FE463981A70320 at simmbox01.rapnt.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Concerning line ~219 http://iss.xdi.org/moin.cgi/ForwardingService?action=AttachFile&do=get&target=iss-forwarding-v1.0-wd-03.pdf
>
>
> Is there anywhere I can use an XDI-like service...to try out its  
> integration with actual openid discovery clients (pbwiki, plaxo,  
> blogspot, etc)?
>
>
> Am I right to think that the scheme is saying that if I type in an  
> HXRI invoking the forwarding service, a 3xx https response may come  
> back - whose URL form _can_ be another HXRI ...calling upon another  
> XDI-like forwarding network? That pattern of double discovery may be  
> viable for realty: use an i-broker governed forwarding service to  
> locate a private forwarding service that is not governed  by i- 
> broker vendor associations. Some Realty MLSs would run their own XRI  
> forwarding service, and others would want to use the private-label  
> services of Neustar, etc.
>
> Ok less theory, more practice! We have a need to let query-based  
> openid discovery agents use their rule-rewriting expressions to  
> produce a websso-switch invocation URL of the form:
>
>
> http://swmrsso.rapmlsstg.com/sp/startSSO.ping?PartnerIdpId=rapattoni:mlsstgswmichigan:entityId
>
>
>
> If I was to use i-names as the entity name for the openid entity in  
> PartnerIdpId (=example/seattle/sightseeing), I can see the  
> forwarding service producing for me, given the input https://xri.net/=example.personal.nickname/(+forwarding)
>
>
>
> http://swmrsso.rapmlsstg.com/sp/startSSO.ping?PartnerIdpId=%3dexample%2fseattle%2fsightseeing
>
>
>
> is there an example forwarding service that is really capable of  
> this (including the url encoding)?
>
> (No...I cannot change the required form of the target URL, its set  
> by the websso-switch vendor).
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081229/ee43c881/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2486 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081229/ee43c881/attachment-0002.bin>

More information about the general mailing list