[OpenID] User-editable XRDS files?

Peter Williams pwilliams at rapattoni.com
Fri Feb 6 00:04:18 UTC 2009 

As far as I know, the ONLY way for a user to require the user-interaction with the OP to be over SSL is to exploit delegation (to the OP's https endpoint). An RP redirecting the browser to other than the exact OP endpoint indicated by the (delegating) user is non-conforming, surely?

I do agree that HTML meta tags are pretty good fall back to XRDS , since openid2 discovery agents are REQUIRED to support openid1-era metadata (albeit with modern tags).

At the same time, a wizard for making an XRDS file showcasing the several delegations to your several OPs (where your several openids are the inputs, initially) doesn't seem exactly that hard to do! I'm somewhat amazed no one has done it. Sounds like a day's project for a competent programmer (which excludes me). Stuffing the resulting file into your Google Site is the next step... using the pointer to the resource on Google Site then makes you your vanity OpenID, surely?


From: Breno de Medeiros [mailto:breno at google.com]
Sent: Thursday, February 05, 2009 3:37 PM
To: Peter Williams
Cc: Johannes Ernst; OpenID List
Subject: Re: [OpenID] User-editable XRDS files?

Is this an interesting problem?

Advanced users can use XRI. Bloggers can use meta-links and other techniques to delegate to various OPs that support delegation. What is the market for user-editable XRDS until other features such as OAuth endpoints for contacts, etc., are fully supported in XRDS?

For regular users, the big problem now is how to detect their OP preferences. If we could assume that we could guess the user's prefered identity and provider in any situation, and we had needs for more advanced XRDS-supported discovery (i.e., beyond their OP choice), then this problem carries with it real-world value.

When that day comes, I think allowing users to edit their XRDSes will not be enough. They will want to have privacy controls about which parts of the XRDS document are visible under what circumstances, possibly controlling this via OAuth tokens.
On Thu, Feb 5, 2009 at 3:05 PM, Peter Williams <pwilliams at rapattoni.com<mailto:pwilliams at rapattoni.com>> wrote:
Of course XRI does all this.

But rather than force folk to  go the XRI path "merely" to get editable XRDS wit delegation entries that are then hosted by site other than a controlling OP, we can have wizards at webapps do the same.

XRI should not be the only source of vanity websites. XRI should mainly sell itself on the portability benefits, not mere vanity XRDS hosting/wizarding.

> -----Original Message-----
> From: general-bounces at openid.net<mailto:general-bounces at openid.net> [mailto:general-bounces at openid.net<mailto:general-bounces at openid.net>] On
> Behalf Of Peter Williams
> Sent: Thursday, February 05, 2009 11:41 AM
> To: Johannes Ernst; OpenID List
> Subject: Re: [OpenID] User-editable XRDS files?
>
> Ive certainly found none.
>
> Now, none of them allow any delegation from the OP hosted XRDS files
> either - that being something one does in the non-OP vanity URL/site
> case (only).
>
> What we need is a openid-foundation hosted wizard tool: acting as RP,
> pull several user XRDS's files from n OPs, and formulate a vanity XRDS
> for folks to stuff on their web/file server. It can take as input an
> existing vanity XRDS, so that it can regenerate the vanity XRDS in the
> wizard, with amenedments.
>
> > -----Original Message-----
> > From: general-bounces at openid.net<mailto:general-bounces at openid.net> [mailto:general-bounces at openid.net<mailto:general-bounces at openid.net>]
> On
> > Behalf Of Johannes Ernst
> > Sent: Thursday, February 05, 2009 11:35 AM
> > To: OpenID List
> > Subject: [OpenID] User-editable XRDS files?
> >
> > Which OpenID providers do you know of that let users edit their XRDS
> > files? E.g. to add additional OpenID providers, portable contact
> > providers etc.?
> >
> > I came up empty, so I figured I ask.
> >
> > For OpenID providers: why do you / do you not let your users edit
> those
> > files? (Preferably with a nice GUI on top)
> >
> > Cheers,
> >
> >
> > Johannes.
> >
> >
> >
> > Johannes Ernst
> > NetMesh Inc.
>
> _______________________________________________
> general mailing list
> general at openid.net<mailto:general at openid.net>
> http://openid.net/mailman/listinfo/general
_______________________________________________
general mailing list
general at openid.net<mailto:general at openid.net>
http://openid.net/mailman/listinfo/general



--
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090205/38047c64/attachment-0002.htm>

More information about the general mailing list