Modularizing Auth 2.0 Discovery

Recordon, David drecordon at verisign.com
Wed Feb 28 20:17:23 UTC 2007


Works for me, one thing though is the Yadis spec specifically highlights
the bits of the XRDS file which are relevant in this sort of use case.
If chapter 3 is separate then this would be a smaller concern for me,
but I think part of the *ugh* feeling people get is having to read about
the full XRDS schema.

--David 

-----Original Message-----
From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On
Behalf Of Martin Atkins
Sent: Wednesday, February 28, 2007 12:17 PM
Cc: specs at openid.net
Subject: Re: Modularizing Auth 2.0 Discovery

Recordon, David wrote:
> Well there already is the Yadis spec.  Maybe the Yadis spec remains 
> separate versus becoming part of the OASIS XRI Resolution document?
> 

The XRDS-related parts of the Yadis specification seem to duplicate
requirements from XRI Resolution chapter 3.

In the interests of avoiding redundancy, I'd suggest the following
distinction:
  1. XRI Resolution chapter 3 (or a separate spin-off spec) describes
the syntax of an XRDS document.
  2. Yadis describes how to obtain an XRDS document for an HTTP or HTTPS
URL.
  3. OpenID Authentication describes how to determine the endpoint URI
and other information from an XRDS document, referencing [1].
  4. The new HTTP discovery specification would reference [2] and [3] to
describe the XRDS-based HTTP discovery mode, and then go on to describe
the HTML-based discovery fallback.

Alternatively, [3] above could be served by a separate spec "OpenID
discovery using XRDS", though I think that may be overkill for something
so straightforward.

_______________________________________________
specs mailing list
specs at openid.net
http://openid.net/mailman/listinfo/specs



More information about the specs mailing list