[OpenID] Open Challenge to webfinger and XRD

John Bradley ve7jtb at ve7jtb.com
Mon Oct 19 22:28:40 UTC 2009


The XRD 1.0 spec defines the valid XML for a XRD document.

There is no <Host> element.

A XRD may contain 0 or 1 <Subject> elements,  the value MUST be an  
absolute URI.

There are some use cases where people wanted to use XRD with an  
implicit subject rather than an explicit one, so it is permitted by  
the XSD.

The signed XRD trust model requires a <Subject> element.

It is posible that the ietf group working on host meta could define a  
extension element at the top level and not include a <Subject> ,  I  
cant speak for them.

I don't personally think that is a good idea.

People will be able to construct multiple trust models from XRD  
documents.  LRDD uses XRD but is not part of XRD.

I understand there desire to have a Subject that is about the DNS host  
rather then the URI.

I have scars from similar discussions with the W3C in the past.

There are a number of ways they can address the problem.  I don't  
think they liked my suggestions.
It is there spec.

I don't know that it is a forgone conclusion that openID will adopted  
LRDD, or WebFinger  .

I am certain that Eran and others will give due consideration to your  
input.

Regards
John Bradley


On 2009-10-19, at 7:00 PM, Santosh Rajan wrote:

> Hi John,
> Let me get this strait here. I am unable to participate in the OASIS  
> discussions because I haven't figured the process yet. And in any  
> case all this has a bearing on OpenID, (it is the no 1 use case).
> What you are saying is
> 1) The host-meta will (MUST) have a <Subject> Element which will be  
> the domain URL of the host. There will be no <Host> element instead.
> 2) (This is not something you have said explicitly) . All XRD's  
> including host-meta "MUST" have "1" <Subject> element as an  
> immediate child element of the XRD Root whose value is a URI  
> describing the subject of the XRD.
>
> On Tue, Oct 20, 2009 at 3:04 AM, John Bradley <ve7jtb at ve7jtb.com>  
> wrote:
> Santosh,
>
> That was a thread on the use of signing elements in <Link> elements.
>
> Dirk's use of <Host> in his example XRD is not valid XRD syntax.
>
> It wasn't commented on because it was not the topic of the email  
> thread.
>
> If you have comments on the XRD spec.
>
> http://www.oasis-open.org/committees/download.php/34724/xrd-1.0-wd09.html
>
> You are welcome to submit them through the formal process.
>
> Regards
> John Bradley
>
> On 2009-10-19, at 5:51 PM, Santosh Rajan wrote:
>
>
> Hi John,
> The last time I saw an example of an XRD host-meta is here on 15th  
> Oct here
> http://lists.oasis-open.org/archives/xri/200910/msg00055.html
>
> It has a <Host> instead of <Subject>. If you are saying that it is  
> not part
> of the XRD spec and it is part of the host-meta spec, it still  
> doesnt change
> my argument. As an end-user of the the discovery mechanism the  
> effect is
> still the same for me.
>
> You say you have a hard time following me! Isn't it a case of the pot
> calling the kettle black? How many people are going to follow what  
> you have
> said bellow. I will only quote one sentence you have written and  
> ignore the
> rest.
>
>
> "The Subject of a XRD is the <Subject> of the XRD there can be 0 or 1
> in an XRD."
>
> That is exactly what you said. Now tell me how can there be a "0"  
> <Subject>
> for an XRD. What meaning does an XRD have with "0" <Subject>?
>
>
>
>
> John Bradley-9 wrote:
>
> Hi Santosh,
>
> I am having a hard time following your point.
>
> This is the current draft of the XRD spec.
> http://www.oasis-open.org/committees/download.php/34724/xrd-1.0-wd09.html
>
> There is no <Host>  element in the spec.
>
> The Subject of a XRD is the <Subject> of the XRD there can be 0 or 1
> in an XRD.
>
> HostMeta is a spec that uses the OASIS XRD spec.
>
> I know that they want to have what is essentially an abstract Subject.
>
> ie one that is about the host and not the URI.
>
> This is a URL problem and not an XRI one.
>
> Any number of wars have been fought over how to represent non-
> information resources with URI.
>
> We did give the group working on host-meta as a itef spec some options
> on how they might do that.
>
> Using the DNS scheme or a URI fragment are all possibilities.  I don't
> know if they have come to a conclusion.   Whatever they decide someone
> will be unhappy if history is anything to go by on this topic.
>
> There is a public review period for XRD coming up and a process for
> you to make formal submissions if you want to have input but not join
> the TC.
>
> John B.
>
> On 2009-10-19, at 3:27 PM, Santosh Rajan wrote:
>
>
> This is an Open Challenge i am sending to the webfinger, XRD forums.
> These
> guys really think I am an Idiot. "Maybe I am". "BUT I AM NOT GOING
> DOWN
> WITHOUT A FIGHT".
>
> Really, I really don't know. Let us hear the arguments they give.
> Maybe i am
> a brainless stupid, that is why i feel all of them are hollow. But
> let them
> prove I am stupid. "IF THEY CAN", IF they can, we will hand it to
> them, "THE
> IDENTITY OSCAR".
>
>
>
> Hi All,I know you guys don't like to hear from me. I have been told
> so much.
> By your moderators. That people on this forum are not "Happy" to
> hear from
> me.
> Like it or "NOT" you are going to hear from me. I am not sure if
> this post
> of mine will be allowed to be published. But let us see.
> I have so many grouses with "XRD" and today I am going to start with
> my
> first grouse. Since WebFinger by definition is going to follow XRD,
> don't
> argue with me about webfinger. Lets talk about XRD to start with me.
> I am throwing a challenge to all the XRD guys. Prove to me that the
> <Subject> of an XRD host-meta document has to be <Host> instead of
> <Subject>. If you "smart" guys can prove this to me, I will agree
> that "I am
> a complete Idiot". If "NOT" all of you web fingerer's and XRD's are
> Idiots!!!!
>
> -----
>
> Santosh Rajan
> http://santrajan.blogspot.com http://santrajan.blogspot.com
> -- 
> View this message in context:
> http://www.nabble.com/Open-Challenge-to-webfinger-and-XRD-tp25963216p25963216.html
> Sent from the OpenID - General mailing list archive at Nabble.com.
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
>
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
>
>
>
> -----
>
> Santosh Rajan
> http://santrajan.blogspot.com http://santrajan.blogspot.com
> -- 
> View this message in context: http://www.nabble.com/Open-Challenge-to-webfinger-and-XRD-tp25963216p25965303.html
>
> Sent from the OpenID - General mailing list archive at Nabble.com.
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
>
>
>
> -- 
> http://hi.im/santosh
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091019/d7b0b5e8/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2468 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091019/d7b0b5e8/attachment.bin>


More information about the general mailing list