[OpenID] host-meta and "acct:"

Eran Hammer-Lahav eran at hueniverse.com
Mon Nov 9 17:13:29 UTC 2009 

I am not saying this is not a creative idea. I'm the one who originally suggested it (in what feels like ages ago in this never-ending debate). But it is just wrong to impose a new semantic meaning on an element with very clear semantic meaning. A DNS *record* isn't a DNS *concept*. This would be an abuse of a well-define URI scheme, and will only work if viewed within the narrow context of the host-meta document. There are easier options for making host-meta use a URI that are as unattractive but less abusive (such as using a URN, a well-known http URI prefix, or a semweb # signifier).

In addition, host-meta needs to support multiple hosts which is not possible with a single <Subject> (and no <Alias> is not applicable for that).

It really is time to put this to rest and move on.

EHL

From: Peter Davis [mailto:peter.davis at neustar.biz]
Sent: Monday, November 09, 2009 8:19 AM
To: Eran Hammer-Lahav
Cc: John Panzer; openid-general at lists.openid.net
Subject: Re: [OpenID] host-meta and "acct:"

A dns URI should be able to, given proper profiling, unambiguously references a host (which in dns scheme terms, the example provided intimates a dns query for 'A' records). i think that is the closest existing counterpart to what you are trying to express here, where a host is likely to be profiled for use here as a set of IP addresses and/or CNAMEs.

Not sure it would be desirable to define a different concept of host, given the close similarity to the concept you are looking for and the intentions of the dns scheme. This may also give you some flexibility in describing host in the SMTP sense:

dns:example.org?type=MX

are there requirements which would allow the definition of a phantom host, one that does not exist in the DNS, but has meaning here?

=peterd

On Nov 9, 2009, at 11:06 AM, Eran Hammer-Lahav wrote:


Not really.

DNS URIs are defined to be about the DNS *records* not about what the records point to or mean. It is a pointer into the DNS system. An XRD with a DNS URI subject would express information about that record such as who updated it and when, and potentially some security related properties. I don't really see any value in such an XRD at this point (since DNS is a self containing data source), but that's what such an XRD would mean semantically.

EHL

From: openid-general-bounces at lists.openid.net<mailto:openid-general-bounces at lists.openid.net> [mailto:openid-general-bounces at lists.openid.net] On Behalf Of Peter Davis
Sent: Monday, November 09, 2009 5:28 AM
To: John Panzer
Cc: openid-general at lists.openid.net<mailto:openid-general at lists.openid.net>
Subject: Re: [OpenID] host-meta and "acct:"

On Nov 6, 2009, at 12:42 PM, John Panzer wrote:



We have one compelling use case already where the existing <Subject> doesn't work: host-meta is "about" a host, and there is no URI scheme to represent Hosts (see IIW notes at https://docs.google.com/a/johnpanzer.com/Doc?docid=0AZojn6fzr_tFZGRqNjhzcXZfOWY1cXA3emY5&hl=en for alternatives considered). The simplest thing that anyone can come up with for this use case that doesn't run into tripwires or pitfalls is a separate element, <hm:Host>, that contains a hostname.

One possible alternative it to use the dns URI scheme (RFC4501), which, i think, for the purposes need here, would likely take the form:

          dns:www.example.org

you can, of course, use other aspects which might be interesting for use cases with host-meta such as forming dns queries in the URI to a dns authority of a zone returning RR types, but i do not know use cases for that.

=peterd


Peter Davis: Neustar, Inc.
Director & Distinguished Member of the Technical Staff
45980 Center Oak Plaza Sterling, VA 20166
[T] +1 571 434 5516 [E] peter.davis at neustar.biz<mailto:peter.davis at neustar.biz> [W]
http://www.neustar.biz/
 [X] xri://@neustar*pdavis [X] xri://=peterd
The information contained in this e-mail message is intended only for
the use of the recipient(s) named above and may contain confidential
and/or privileged information. If you are not the intended recipient
you have received this e-mail message in error and any review,
dissemination, distribution, or copying of this message is strictly
prohibited. If you have received this communication in error, please
notify us immediately and delete the original message.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091109/648563a1/attachment-0001.htm>

More information about the general mailing list