Email Address to URL Transformation
Allen Tom
atom at yahoo-inc.com
Wed Jan 27 22:43:59 UTC 2010
Hi Paul -
I¹m not really a webfinger expert, however, the intent is to make it
possible to decouple the user¹s services from the user¹s email provider, so
they do not necessarily have to be the same entity.
Allen
On 1/27/10 1:18 PM, "Paul E. Jones" <paulej at packetizer.com> wrote:
> George,
>
> You¹re right that there are two things. The question is, do we wish to allow
> only OP advertisement via the host meta-data XRD file? That would certainly
> work for me. But, would users prefer to have a single email address (e.g.,
> user at gmail.com) and still be able to associate that with a different OP
> through webfinger?
>
> People could always have a different acct: URI. Is that preferred over trying
> to support both host meta-data and user meta-data XRD documents?
>
> Paul
>
>
> From: George Fletcher [mailto:gffletch at aol.com]
> Sent: Wednesday, January 27, 2010 3:11 PM
> To: Paul E. Jones
> Cc: 'Allen Tom'; arshad.khan at channel321.com; specs at openid.net
> Subject: Re: Email Address to URL Transformation
>
> I think there are two different things being described... (1) meta data about
> the host (host-meta) and (2) meta data about the acct: identifier (XRD
> returned from the webfinger template URI endpoint).
>
> In this thread, that host-meta XRD only describes one service of the host...
> webfinger. However, there is nothing stopping the host from also adding a
> <Link> specifying that it is also an OpenID Provider. I agree with Allen that
> this is valuable information. This doesn't preclude or supersede the XRD
> returned for the user (based on the template URI endpoint).
>
> So, if an RP is looking to find the user's OP, then follow the webfinger
> protocol. If the RP just wants to know if a domain supports OpenID it can just
> look in the host-meta for that domain.
>
> I don't think they conflict.
>
> Thanks,
> George
>
> On 1/25/10 3:52 PM, Paul E. Jones wrote:
> Allen,
>
> Perhaps we're in agreement, but I wasn't clear.
>
> I think OpenID RPs should be able to use XRD documents in order to discover
> the user's login service -- I like this. What I would *not* want is for
> that to be defined in this document:
> http://yahoo.com/.well-known/host-meta
>
> The reason is that this document is not user-specific and blankets
> everything under the yahoo.com domain.
>
> Rather, I'd want that to be in this document:
> http://webfinger.yahooapis.com/?id={%id}
>
> Or other document that allows the user to provide details about himself.
> So, if I enter paulej at yahoo.com, RPs would still be directed to
> http://openid.packetizer.com/paulej by querying the above document (or other
> document) and finding some pointer to my OP.
>
> Paul
>
>
>> -----Original Message-----
>> From: Allen Tom [mailto:atom at yahoo-inc.com]
>> Sent: Monday, January 25, 2010 1:45 PM
>> To: Paul E. Jones
>> Cc: arshad.khan at channel321.com; specs at openid.net; 'John Panzer'
>> Subject: Re: Email Address to URL Transformation
>>
>> Hi Paul -
>>
>> This assumes that every user with a Gmail or Yahoo email account can
>> use
>> their account as an OpenID. Simply asking the user to enter their email
>> address to kickoff the sign-in process is a lot more scalable than the
>> NASCAR, and is probably a lot more usable then asking them to enter
>> their
>> OpenID URL.
>>
>> Allen
>>
>> On 1/24/10 7:12 PM, "Paul E. Jones" <paulej at packetizer.com>
>> <mailto:paulej at packetizer.com> wrote:
>>
>>
>>>
>>> But, wouldn't that assume that every user who has a gmail.com or
>>>
>> yahoo.com
>>
>>> email address uses Google or Yahoo, respectively, for OpenID?
>>>
>>>
>>>
>>
>>
>
>
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20100127/8631e8c8/attachment.htm>
More information about the specs
mailing list