[OpenID] Why use SREG instead of AX?
Andrew Arnott
andrewarnott at gmail.com
Fri Jul 10 16:53:52 UTC 2009
Hi George,
At least for DotNetOpenAuth, only one attribute Type URI in the supported
format needs to be listed in the XRDS for DNOA to use that format, and it
won't assume that the set of attributes in the XRDS is a comprehensive list
of the attributes offered, so this isn't a problem to just list one.
In fact, since it does simple pattern matching, if for privacy reasons you
wanted to hide which attributes you offer, make one up with one of the 3
patterns, and DNOA will latch onto that pattern and send its request that
way.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - S. G. Tallentyre
On Fri, Jul 10, 2009 at 9:51 AM, George Fletcher <gffletch at aol.com> wrote:
> Sorry, didn't mean to sound like I didn't agree. I think more
> implementations could take the approach you've taken Andrew, and then with
> the registry we could simplify this so that OP's only have to publish one
> Type URI instead of one for each attribute. I suppose an OP that wanted to
> hide which attributes are available (for some privacy reason) could just add
> a URI to a single attribute that identifies the schema and then the RP would
> just send it's normal AX request asking for the data it wants.
>
> Thanks,
> George
>
> Breno de Medeiros wrote:
>
>> Agree with everything that Andrew said
>>
>> On Fri, Jul 10, 2009 at 9:34 AM, Andrew Arnott <andrewarnott at gmail.com<mailto:
>> andrewarnott at gmail.com>> wrote:
>>
>> Presumably the RP has downloaded the OP's entire XRDS document.
>> In that case, the RP just looks through the type URIs advertised
>> until it finds a single AX attribute Type URI that matches any of
>> the known three patterns, then it chooses that pattern to use. I
>> don't think that's ugly, personally, even if there were 100 type
>> URIs to sift through. But I've never seen an OP advertise that
>> many type URIs, so it doesn't seem to be too much of a problem.
>>
>>
>> I did not know that some libraries were doing this matching automatically,
>> otherwise we would have added the individual type URIs to Google's XRDS
>> document (I guess there is still time). The spec doesn't call for that
>> explicitly.
>>
>>
>> Rather than standardizing on a new type URI to indicate which
>> pattern to use, which would require some work and agreement, we
>> could expend that same effort just standardizing on a single
>> pattern that everyone should use.
>>
>> Please embrace http://wiki.openid.net/ProposalForAURLSchemaRegistry and
>> let's get AX interoperability going.
>>
>>
>>
>> --
>> Andrew Arnott
>> "I [may] not agree with what you have to say, but I'll defend to
>> the death your right to say it." - S. G. Tallentyre
>>
>>
>> On Fri, Jul 10, 2009 at 9:29 AM, George Fletcher <gffletch at aol.com
>> <mailto:gffletch at aol.com>> wrote:
>>
>> That will work (though I don't remember seeing any at the time
>> we were implementing OpenID 2.0 RP support). If I understand
>> correctly, you are doing some pattern matching against the
>> Type URIs to determine which schema is being used. Also, if
>> the OP supports 10s or 100s of attributes then this gets
>> pretty ugly. I'd prefer a single URI the represents the schema
>> being used. The rest is pretty simple from there.
>>
>> Of course it's possible I misunderstood.
>>
>>
>> Thanks,
>> George
>>
>> Andrew Arnott wrote:
>>
>> George,
>>
>> Are you sure they're not defined? AX has attribute Type
>> URIs. I've been an advocate that OPs publish all their
>> supported AX attribute Type URIs in their XRDS document so
>> that RPs know what they might expect from the OP, as well
>> as discern which format of type URI that OP supports.
>> Some OPs do just this, and DotNetOpenAuth (the RP part)
>> automatically detects this from the OP's XRDS and sends
>> either sreg or one of the three known AX type URI formats
>> out there based on what it sees in the XRDS.
>>
>> --
>> Andrew Arnott
>> "I [may] not agree with what you have to say, but I'll
>> defend to the death your right to say it." - S. G. Tallentyre
>>
>>
>> On Fri, Jul 10, 2009 at 8:48 AM, George Fletcher
>> <gffletch at aol.com <mailto:gffletch at aol.com>
>> <mailto:gffletch at aol.com <mailto:gffletch at aol.com>>> wrote:
>>
>> Sure, or just define it in the XRDS for the OP. But
>> those aren't
>> currently defined.
>>
>> Thanks,
>> George
>>
>>
>> SitG Admin wrote:
>>
>> One other issue is that AX supports multiple
>> schema and
>> there is currently no way for the OP to
>> advertise which
>> schema it's using. So an RP has to build it's
>> own mapping
>> table to know what to send to the OP when using AX.
>>
>>
>> Common key/API with "schema translation table" AX link?
>>
>> -Shade
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net <mailto:general at openid.net>
>> <mailto:general at openid.net <mailto:general at openid.net>>
>>
>> http://openid.net/mailman/listinfo/general
>>
>>
>>
>>
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net <mailto:general at openid.net>
>> http://openid.net/mailman/listinfo/general
>>
>>
>>
>>
>> --
>> --Breno
>>
>> +1 (650) 214-1007 desk
>> +1 (408) 212-0135 (Grand Central)
>> MTV-41-3 : 383-A
>> PST (GMT-8) / PDT(GMT-7)
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090710/634eb998/attachment.htm>
More information about the general
mailing list