Extensions key prefix
Drummond Reed
drummond.reed at cordance.net
Wed Mar 14 01:23:16 UTC 2007
Rowan,
If I understand you correctly here, what you are saying is that openid.ns.*
prefixes work almost identically to XML namespace (xmlns) prefixes, i.e.:
* the prefix is never globally defined by dynamically defined on a
per-instance basis
* thus you don't know what the prefix is in a specific OpenID message until
you parse the message.
Do I have that right?
If so, I agree, I hadn't gleaned that out of earlier readings of the spec,
and I think it should be emphasized (in fact I'd recommend the analogy to
xmlns prefixes.
=Drummond
-----Original Message-----
From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf
Of Rowan Kerr
Sent: Tuesday, March 13, 2007 5:05 PM
To: OpenID specs list
Subject: Extensions key prefix
In all my time spent reading and implementing the OpenID Authn 2
spec, this particular detail escaped me. Johnny Bufu pointed it out
to me the other day while we were going through some Attribute
Exchange tests.
http://openid.net/specs/openid-authentication-2_0-11.html#extensions
"To associate keys with a Type URI, establish an alias by adding a
key prefixed with "openid.ns." and ending with the alias text whose
value is the Type URI."
I never picked up on the fact that these aliases can be dynamic on a
per-server or actually per-messsage basis, and assumed the key
prefixes listed in the extension specs were what one could expect to
see in a message.
This affects all proposed extensions to OpenID 2.0...
i.e. While the spec for Attribute Exchange uses "openid.ax" for its
message keys, and Simple Reg 1.1 uses "openid.sreg", in reality the
keys received in a message are determined by whatever comes after the
key openid.ns.* where the value is the URI of the extension putting
data into those keys.
So, openid.ns.ax = http://openid.net/srv/ax/1.0 implies
openid.ax.required.
But it could just as easily be openid.ns.foo = http://openid.net/srv/
ax/1.0
in which case, your sreg values would be in keys named openid.foo.*
Is this clear to everyone else? It makes sense to me now, but I think
it should be made more clear in the main spec, and perhaps the
extension specs could move away from hardcoding the openid.ns.* and
use an obvious placeholder string.
-Rowan
_______________________________________________
specs mailing list
specs at openid.net
http://openid.net/mailman/listinfo/specs
More information about the specs
mailing list