Modularizing Auth 2.0 Discovery

Martin Atkins mart at degeneration.co.uk
Wed Feb 28 20:09:04 UTC 2007


Drummond Reed wrote:
> I've always been supportive of breaking out OpenID Discovery into a separate
> spec. I wouldn't break it out into separate specs, however, because
> discovery for any OpenID identifier has much more in common than they
> have different. For example, they all need to explain the relationship of
> the identifier being resolved to an XRDS document and the metadata needed to
> access other OpenID services.
> 

My revised proposal is that the Authentication specification would 
include, as part of a "Requirements for Discovery Protocols" section, a 
section on the use of an XRDS document as part of discovery.

The separate discovery specs would then describe identifier recognition 
and canonicalization, how to retrieve an XRDS document and any other 
special non-XRDS mechanisms as appropriate.

So the HTTP/HTTPS one, for example, would:

* Describe how to recognise and canonicalize its identifiers
* Require the use of Yadis discovery to obtain the XRDS document
* Refer to the relevant section of OpenID Authentication for the XRDS 
processing rules.
* Require that, if Yadis fails, RPs fall back on the non-XRDS-based HTML 
discovery, describing how this mode returns the necessary information.



