[OpenID] host-meta and "acct:"
SitG Admin
sysadmin at shadowsinthegarden.com
Fri Nov 6 22:47:58 UTC 2009
>Don't get me wrong, I think having an optional Subject is a
>pragmatic solution. I just think it de-values XRD itself to suggest
>that an optional Subject is an appropriate extension point, since (I
>suspect) the concept of Subject is shared by all users of XRD
>whether or not the element itself appears in the document.
I agree, but I think it would be difficult to maintain privacy
(anonymous XRD documents) if all the XRD elements specified what
resources they applied to (much less where to find those). I think
that applications which are concerned about mutual referencing, that
way, can require the use of Subject or another element to do so; put
in a strong warning about security so that developers who may be
unaware of this concern know to watch out for it, and leave the
possibility open (for developers who know what they're doing) to
leave it out when so desired.
-Shade
More information about the general
mailing list