[OpenID] experimental namespace for openid.net

Santosh Rajan santrajan at gmail.com
Tue Jul 14 04:34:33 UTC 2009 

Just a thought. What if you don't use a namespace at all. And call it your
own extension to XRDS which anyone is free to use.


Dirk Balfanz wrote:
> 
> On Mon, Jul 13, 2009 at 1:44 PM, John Bradley
> <john.bradley at wingaa.com>wrote:
> 
>> Dirk,
>>
>> I don't think the openid general list can give you permission to do
>> anything.
>>
> 
> I understand that. I'm trying to gauge what people think about the idea.
> If
> there would be lots of "sure, that sounds like a good idea" responses, I
> would take heart in knowing that I would probably not end up in purgatory
> if
> I went ahead and used the namespace even before a formal approval process
> has been found. But frankly, I would have thought that we could do
> something
> like X-... HTTP headers, which wouldn't even need approval.
> 
> 
>>
>> The only negative response was from David who I believe wants the
>> namespace
>> reserved for official openID WG.
>>
>> If we can get the registry going I would personaly be OK with you using
>> experimental.openid.net.
>>
>> However at this point I have to recommend using something in the google
>> namespace.
>>
>> What you have proposed is a prototype so I don't think,  using a
>> different
>> namespace is a big deal.
>>
> 
> Well, that's the alternative. I'd hate to do that, though, since I'm not
> trying to invent some Google-proprietary thing. I would like to signal to
> the world that (at least in my opinion) this is a contribution to the
> ongoing conversation about how OpenID should evolve.
> 
> 
>> OpenSocial is using its own namespace.
> 
> 
> They're extending XRDS for OpenSocial discovery, so they use an OpenSocial
> namespace. I'm extending XRDS to discover OpenID endpoints, so I'd like to
> use an OpenID namespace.
> 
> 
> 
>> I just don't think holding up your work to get something registered in
>> experimental.openid.net is worth it.
>> I also don't think it is appropriate for google to use it without the
>> appropriate permission whatever that turns out to be.
>>
>> It isn't like my opinion counts for much but you have it.
>>
> 
> Thanks John, always appreciated!
> 
> Dirk.
> 
> 
> 
>>
>> Regards
>> John B.
>>
>> On 13-Jul-09, at 1:34 PM, general-request at openid.net wrote:
>>
>>  Date: Mon, 13 Jul 2009 10:10:46 -0700
>>> From: Dirk Balfanz <balfanz at google.com>
>>> Subject: Re: [OpenID] experimental namespace for openid.net
>>> To: Breno de Medeiros <breno at google.com>
>>> Cc: OpenID Specs Mailing List <specs at openid.net>,       "
>>> general at openid.net
>>>        List" <general at openid.net>
>>> Message-ID:
>>>        <60c552b80907131010w10bec492h3cb544488f2f4c3f at mail.gmail.com>
>>> Content-Type: multipart/alternative;
>>>        boundary=0016369fa20d26d882046e9967c1
>>>
>>> --0016369fa20d26d882046e9967c1
>>> Content-Type: text/plain; charset=ISO-8859-1
>>> Content-Transfer-Encoding: 7bit
>>>
>>>
>>> Hi guys,
>>> somehow I only get sporadic messages from this mailing list (I'll have
>>> to
>>> dig through my spam settings, etc, to find out what's going on there),
>>> so
>>> I
>>> read the various responses on the web archives. Let me try to respond to
>>> them:
>>>
>>> - XMLDSIG vs. other kinds of signatures: This is exactly the kind of
>>> discussion going on at the XRI TC right now. There are those on the TC
>>> that
>>> think xmldsig with constrained c14n will work, and those that think that
>>> this is still too complicated. You're welcome to join the TC and
>>> participate
>>> in the discussion.
>>>
>>> - Google "gatewaying" users through itself (by hosting host-meta files
>>> for
>>> domains at Google): we have no intention of gatewaying users through
>>> Google.
>>> When a domain hosts its own host-meta, the discovery will of course just
>>> work. We simply asked ourselves the question: How can we give all our
>>> Google
>>> Apps users an OpenID with the least amount of work required on the part
>>> of
>>> the Google Apps domain admins? Domains should host their own host-meta.
>>> If
>>> they don't (and many won't), RPs should find a way to still perform
>>> discovery for that user. Trying Google _first_, and then the domain,
>>> will
>>> in
>>> the vast majority of cases result in lower latency from
>>> user-supplied-identifier to discovery information than the other way
>>> 'round.
>>> But RPs can do whatever they want. They could, for example, try both in
>>> parallel and go with whatever host-meta comes back first (be that from
>>> Google, from another hosting provider, or from the actual domain).
>>>
>>> - Having said all that, what I was trying to figure out in this thread
>>> was
>>> that assuming that a provider wants to launch a proof-of-concept
>>> implementation of a feature that I think we all agree is needed in
>>> OpenID
>>> (in this case, better discovery), what namespace should the provider use
>>> for
>>> the various pieces in the protocol that haven't officially been approved
>>> yet. The responses that actually tried to address that question seemed
>>> to
>>> think that http://experimental.openid.net was a good idea, but that some
>>> sort of process might be needed to hand out chunks of that namespace. I
>>> assume that that process should make sure that the provider in question
>>> is
>>> making a good-faith effort to actually contribute to the OpenID
>>> community
>>> during the further development of the feature in question, as opposed to
>>> grabbing just a chunk of semi-official-sounding namespace? I'm a wee bit
>>> concerned that the processes that people want to see in place for this
>>> might
>>> take a bit of time to establish (feel free to prove me wrong by setting
>>> up
>>> a
>>> registry, etc!), so I'm wondering whether in this case we could follow
>>> the
>>> spirit of the yet-to-be-established process (assuming I captured it
>>> correctly), as opposed to the letter (which doesn't exist yet), and just
>>> agree that it is ok for us, in this case, to use that namespace.
>>>
>>> Cheers,
>>>
>>> Dirk.
>>>
>>>
>>
> 
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
> 
> 


-----

Santosh Rajan
http://santrajan.blogspot.com http://santrajan.blogspot.com 
-- 
View this message in context: http://www.nabble.com/Re%3A-experimental-namespace-for-openid.net-tp24432471p24473554.html
Sent from the OpenID - General mailing list archive at Nabble.com.

More information about the general mailing list