[OpenID] making OpenId RESTful

Pat Cappelaere pat at cappelaere.com
Thu Jan 21 03:25:11 UTC 2010


Tom,

On Jan 20, 2010, at 9:48 PM, Allen Tom wrote:

> [Moving this thread from openid-general to openid-specs]
> 
> 
> On 1/19/10 6:23 AM, "Story Henry" <henry.story at bblfish.net> wrote:
> 
> 
>>  b. the data format is a name value pair with no global namespace. This is
>> very limited compared to RDF and creates a very heavy extensibility bottleneck
>>  c. The data has to be passed inside the redirected URL. So the amount of
>> data that can be exchanged is limited to a max of 1024 bytes.
> 
> Hi Henry,
> 
> The lack of a standard schema, and the max URL sizelimit (I believe 2048
> bytes is the max) needs to be fixed.
> 
> Having no standard schema causes interop problems. Defining a basic set of
> commonly used attributes (similar to what was previously done for Simple
> Registration) should be done in AX 1.1
> 
There is no such thing as commonly used attributes.  We do use a lot of extended attributes for our particular application at NASA.  We need to make sure people can still extend at will.

> The redirect URL sizelimit can theoretically be worked around by switching
> to HTTP POST - however this does not work acceptably in real-world
> deployments because most RPs don't support HTTPS. Returning the response via
> HTTP POST from an OP that supports HTTPS to an RP that uses an HTTP
> return_to URL results in a scary browser security warning displayed to the
> user. Displaying a security warning to the user is an unacceptable UX.
> 
> I think the quick hack that will be done in AX 1.1 will be to make the
> standard AX attribute names a lot shorter - I believe that it was suggested
> (half jokingly) that we use bit.ly URLs. Another possible approach would be
> to define the attribute aliases supported by the OP in the OP's discovery
> document.
Does not sound very appealing.  Are you sure you do not want to consider Henry's approach using FOAF?  It would solve your standard schema/interop/extensibility issue.
Thanks,
Pat/


More information about the specs mailing list