[OpenID] OpenID Discovery for Email like identifiers - Draft 0.1

David Fuelling sappenin at gmail.com
Thu Jun 4 19:23:02 UTC 2009 

Replies inline...

On Thu, Jun 4, 2009 at 5:10 AM, Santosh Rajan <santrajan at gmail.com> wrote:

> The way I see it we are the "end-users" for webfinger and XRD. Their
> objective will be to cater to the our requirements and others like us. We
> need not wait for them to get on with our work. Actually they can use our
> feedback to refine and fine tune their work.
>

With regard to webfinger, that spec needs to be "specified" before we can
use it in OpenID 2.1.  My thinking is that it would be helpful to start
formalizing webfinger since in the OpenID 2.1 spec, there will probably just
be a single sentence or two saying, "email-like identifiers are supported in
OpenID discovery by using the webfinger protocol".

>From a specification development perspective, I'm not sure there's a lot
more we need to do on the OpenID side when it comes to email identifiers,
except resolve any issues relating to IPR.  Do you agree?

That said, how do we resolve the IPR issues surrounding webfinger
(basically, all the points Chris Messina mentioned in his previous
message).  To me this hinges on the webfinger folks picking some sort of
formalized standards process to work in, so that OpenID can use it properly.

If you look at XRD, that's moving forward inside of OASIS.  OAuth is moving
forward inside of IETF.  There's the OWF, but I'm not sure if they're ready
to "house" a spec just yet.  And lastly, there's the OpenID Foundation
(though admitedly this seems like an odd place to house webfinger).


> So I think we should form a working group of people like you, who have
> already worked on this, and others who may want to work on this.
>

> But I also agree with Chris's view that we don't need more working groups
> and need to fold this into 2.1.
>

+1.  I don't think OpenID 2.1 Discovery needs its own working group, because
I can see that section being only 2 sentences (I'm oversimplifying, but you
get the idea):

   1. OpenID discovery can be used on any identifier that is discoverable
   via XRD.
   2. Email-like identifier discovery should use webfinger.

The only two reasons i can think of for the need of a separate working group
> is to maintain momentum, and to have a group people solely focussed on
> discovery part of 2.1.


I think the people focusing on Discovery are already alive and kicking in
the XRD TC.  They're going to solve Discovery in a general sort of way,
allowing OpenID to utilize it in a specific manner.  In essence, the XRD
folks are doing most of the work already.

Moving forward, we need to figure out how OpenID 2.1 is going to be able to
use WebFinger.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090604/630a1621/attachment.htm>

More information about the general mailing list