Extensions key prefix

Drummond Reed drummond.reed at cordance.net
Wed Mar 14 01:23:16 UTC 2007


Rowan,

If I understand you correctly here, what you are saying is that openid.ns.*
prefixes work almost identically to XML namespace (xmlns) prefixes, i.e.:

* the prefix is never globally defined by dynamically defined on a
per-instance basis
* thus you don't know what the prefix is in a specific OpenID message until
you parse the message.

Do I have that right?

If so, I agree, I hadn't gleaned that out of earlier readings of the spec,
and I think it should be emphasized (in fact I'd recommend the analogy to
xmlns prefixes.

=Drummond 

-----Original Message-----
From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf
Of Rowan Kerr
Sent: Tuesday, March 13, 2007 5:05 PM
To: OpenID specs list
Subject: Extensions key prefix

In all my time spent reading and implementing the OpenID Authn 2  
spec, this particular detail escaped me. Johnny Bufu pointed it out  
to me the other day while we were going through some Attribute  
Exchange tests.

http://openid.net/specs/openid-authentication-2_0-11.html#extensions

"To associate keys with a Type URI, establish an alias by adding a  
key prefixed with "openid.ns." and ending with the alias text whose  
value is the Type URI."

I never picked up on the fact that these aliases can be dynamic on a  
per-server or actually per-messsage basis, and assumed the key  
prefixes listed in the extension specs were what one could expect to  
see in a message.

This affects all proposed extensions to OpenID 2.0...
i.e. While the spec for Attribute Exchange uses "openid.ax" for its  
message keys, and Simple Reg 1.1 uses "openid.sreg", in reality the  
keys received in a message are determined by whatever comes after the  
key openid.ns.* where the value is the URI of the extension putting  
data into those keys.

So, openid.ns.ax = http://openid.net/srv/ax/1.0 implies  
openid.ax.required.

But it could just as easily be openid.ns.foo = http://openid.net/srv/ 
ax/1.0
in which case, your sreg values would be in keys named openid.foo.*

Is this clear to everyone else? It makes sense to me now, but I think  
it should be made more clear in the main spec, and perhaps the  
extension specs could move away from hardcoding the openid.ns.* and  
use an obvious placeholder string.

-Rowan

_______________________________________________
specs mailing list
specs at openid.net
http://openid.net/mailman/listinfo/specs




More information about the specs mailing list