[OpenID] XRI for OP Identifier?

Jean-Noel Colin jn.colin at gmail.com
Thu Apr 24 18:25:27 UTC 2008 

Drummond

THank you so much for your explanation. So the rule is safe, whenever  
XRI is used, CanonicalID is provided.

This canonical Id is the OP Identifier, right?

 From what I read in the specs, CanonicalID has to be used as the  
claimedId for the authentication request. But what is the meaning of  
using an OP's canonical ID as the claimedID? I would expect to have in  
the claimedID either a User ID, or the 'identifier_select' value to  
tell the OP to 'help' the user to select the appropriate ID. I don't  
understand the use of the canonical Id in case OP Id is supplied by  
the user instead of User Id

Thanks a lot

Jean-Noel


On 24 Apr 2008, at 17:49, Drummond Reed wrote:

> Jean-Noel,
>
> OPs that are identified with XRIs have CanonicalIDs just like users  
> that are
> identified with XRIs. The same rule applies -- the user can enter a  
> simple,
> human-friendly i-name for the OP, and the XRDS document will provide  
> the
> CanonicalID for the OP.
>
> Following is the XRDS for the OP I use (@2idi) for =drummond. You  
> can see
> that @2idi has the CanonicalID @!E5E4.83AC.F494.8CE4.
>
> <XRDS ref="xri://@2idi">
>   <XRD version="2.0">
> 	<Query>*2idi</Query>
> 	<Status ceid="off" cid="verified" code="100"/>
> 	<Expires>2008-04-24T16:43:09.000Z</Expires>
> 	<ProviderID>xri://@</ProviderID>
> 	<LocalID priority="10">!E5E4.83AC.F494.8CE4</LocalID>
> 	<CanonicalID priority="10">@!E5E4.83AC.F494.8CE4</CanonicalID>
> 	<Service priority="10">
> 		<Type>xri://$res*auth*($v*2.0)</Type>
> 		<URI
> priority="1">http://xria.authn.info/@livingdirectory/</URI>
> 	</Service>
> 	<Service priority="10">
> 		<Type select="true">http://openid.net/signon/1.0</Type>
> 		<URI append="none"
> priority="1">https://2idi.com/openid/</URI>
> 		<URI append="none"
> priority="2">http://2idi.com/openid/</URI>
> 	</Service>
> 	<Service priority="10">
> 		<Type match="default"/>
> 		<Type
> select="true">xri://+i-service*(+contact)*($v*1.0)</Type>
> 		<Path select="true">(+contact)</Path>
> 		<Path match="null"/>
> 		<URI append="qxri"
> priority="1">http://2idi.com/contact/</URI>
> 	</Service>
>   </XRD>
> </XRDS>
>
> =Drummond
>
>> -----Original Message-----
>> From: general-bounces at openid.net [mailto:general- 
>> bounces at openid.net] On
>> Behalf Of Jean-Noel Colin
>> Sent: Thursday, April 24, 2008 2:34 AM
>> To: general at openid.net
>> Subject: [OpenID] XRI for OP Identifier?
>>
>> Hi
>>
>> I have a question regarding the use of XRI as OP Identifier. The  
>> specs
>> (2.0) mention that whenever an XRI is used as the (user-supplied)
>> Identifier, the XRDS document retrieved MUST include a canonicalId,
>> which is to be used as the claimed identifier.
>>
>> As a consequence, this means that XRI can not be used as OP
>> Identifier, otherwise, what would be the value of the canonicalId? So
>> does this mean that OP Identifier can only be URI that are resolvable
>> using Yadis (since HTML Resolution is only allowed for user
>> Identifiers)?
>>
>> Thanks for clarifying this
>>
>> Best regards
>>
>> Jean-Noel Colin
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>

More information about the general mailing list