Specifying identifier recycling

Drummond Reed drummond.reed at cordance.net
Thu May 31 04:58:36 UTC 2007


>>> John Panzer wrote:
>>>
>>> Has there been a discussion about an extension to map to/from i- 
>>> numbers
>>> via AX?  If there were a generic attribute you could stuff an i- 
>>> number
>>> or a hash of an internal ID in there to help solve the disambiguation
>>> problem.  Alternatively it'd be nice to have a way to ask when the
>>> account was created, if the OP is amenable.
>>>
>> Martin Atkins wrote
>>
>> If you're going to use i-numbers, then there's no reason at all not to
>> use the XRD CanonicalID element. The same mechanism that's used to map
>> i-names onto i-numbers can also be used to map URLs onto i-numbers, or
>> URLs onto other URLs.
>>
>> I'm sure Drummond can talk in more detail about this. We did  
>> discuss it
>> briefly at IIW, but once the majority had decided that the fragment
>> approach was the way to go we didn't get a chance to investigate this
>> further.
>
>Johnny Bufu wrote;
>
>We did look at this (with Drummond) in December. The bottom line is  
>that it can't be done easily - a mechanism similar to XRI's canonical  
>ID verification would have to be employed, to confirm that the i- 
>number actually 'belongs' to the URL on which discovery was  
>initiated. (Otherwise anyone could put any i-number in their URL- 
>based XRDS files.)

Johnny:

Martin, Gabe, and I discussed this at IIW, and the CanonicalID verification
process that's specified in the XRI Resolution 2.0 Working Draft 11
specification (of which the first editor's draft has now been posted - see
below) could be applied even if the XRDS was discovered via a URL.

To do this, RP code would need to confirm the CanonicalID i-number was
authoritative for the XRDS, which is essentially the same process the RP has
to go through anyway when the OP returns a different identifier than the one
the user originally entered at the RP (such as in the directed identity
flow).

In the first editor's draft of WD11, we only specified Canonical ID
verification when an XRDS was discovered from an XRI. But in the second
editor's draft (due early next week), we could add text specifying how to do
Canonical ID verification when the XRDS is discovered from a URL.

Although it's not yet content complete, you can review the Canonical ID
verification section (section 11) as well as the Yadis section (section 8)
in the first editor's draft of WD11 at:

	
http://www.oasis-open.org/committees/download.php/24096/xri-resolution-v2.0-
wd-11-ed-01.doc 

To make it easier to review, we've also posted section 8 (the Yadis section)
as a wiki page on the XRI TC wiki. See my next message about that.

=Drummond 




More information about the specs mailing list