<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><o:SmartTagType
namespaceuri="urn:schemas-microsoft-com:office:smarttags" name="address"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="State"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="PostalCode"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="Street"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
h1
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:0in;
page-break-after:avoid;
font-size:16.0pt;
font-family:Arial;
font-weight:bold;}
h2
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:0in;
page-break-after:avoid;
font-size:14.0pt;
font-family:Arial;
font-weight:bold;
font-style:italic;}
h3
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:0in;
page-break-after:avoid;
font-size:12.0pt;
font-family:Arial;
font-weight:bold;}
h4
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:0in;
page-break-after:avoid;
font-size:10.0pt;
font-family:"Times New Roman";
font-weight:bold;
font-style:italic;}
p.MsoHeader, li.MsoHeader, div.MsoHeader
{margin:0in;
margin-bottom:.0001pt;
border:none;
padding:0in;
font-size:10.0pt;
font-family:Arial;}
p.MsoFooter, li.MsoFooter, div.MsoFooter
{margin:0in;
margin-bottom:.0001pt;
border:none;
padding:0in;
font-size:10.0pt;
font-family:Arial;}
p.MsoTitle, li.MsoTitle, div.MsoTitle
{margin-top:0in;
margin-right:0in;
margin-bottom:9.0pt;
margin-left:0in;
text-align:center;
font-size:16.0pt;
font-family:Arial;
font-weight:bold;}
p.MsoBodyText, li.MsoBodyText, div.MsoBodyText
{margin-top:0in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman";}
p.MsoSubtitle, li.MsoSubtitle, div.MsoSubtitle
{margin-top:0in;
margin-right:0in;
margin-bottom:.25in;
margin-left:0in;
text-align:center;
font-size:12.0pt;
font-family:Arial;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p
{mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman";}
p.Quote, li.Quote, div.Quote
{margin-top:0in;
margin-right:.5in;
margin-bottom:6.0pt;
margin-left:.5in;
font-size:12.0pt;
font-family:"Times New Roman";
font-style:italic;}
p.Wiki, li.Wiki, div.Wiki
{margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.Graphic, li.Graphic, div.Graphic
{margin-top:0in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:10.0pt;
font-family:Arial;
font-style:italic;}
span.EmailStyle27
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
/* Page Definitions */
@page
{mso-endnote-separator:url("cid:header.htm\@01C6FBB2.AC013AB0") es;
mso-endnote-continuation-separator:url("cid:header.htm\@01C6FBB2.AC013AB0") ecs;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:-132;
mso-list-type:simple;
mso-list-template-ids:-1328661930;}
@list l0:level1
{mso-level-tab-stop:1.25in;
mso-level-number-position:left;
margin-left:1.25in;
text-indent:-.25in;}
@list l1
{mso-list-id:-131;
mso-list-type:simple;
mso-list-template-ids:-909054546;}
@list l1:level1
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
margin-left:1.0in;
text-indent:-.25in;}
@list l2
{mso-list-id:-130;
mso-list-type:simple;
mso-list-template-ids:531935922;}
@list l2:level1
{mso-level-tab-stop:.75in;
mso-level-number-position:left;
margin-left:.75in;
text-indent:-.25in;}
@list l3
{mso-list-id:-129;
mso-list-type:simple;
mso-list-template-ids:2046339550;}
@list l3:level1
{mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l4
{mso-list-id:-128;
mso-list-type:simple;
mso-list-template-ids:82112870;}
@list l4:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.25in;
mso-level-number-position:left;
margin-left:1.25in;
text-indent:-.25in;
font-family:Symbol;}
@list l5
{mso-list-id:-127;
mso-list-type:simple;
mso-list-template-ids:-1405587484;}
@list l5:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
margin-left:1.0in;
text-indent:-.25in;
font-family:Symbol;}
@list l6
{mso-list-id:-126;
mso-list-type:simple;
mso-list-template-ids:828961842;}
@list l6:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.75in;
mso-level-number-position:left;
margin-left:.75in;
text-indent:-.25in;
font-family:Symbol;}
@list l7
{mso-list-id:-125;
mso-list-type:simple;
mso-list-template-ids:1053828088;}
@list l7:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l8
{mso-list-id:-120;
mso-list-type:simple;
mso-list-template-ids:-2021464228;}
@list l8:level1
{mso-level-tab-stop:.25in;
mso-level-number-position:left;
margin-left:.25in;
text-indent:-.25in;}
@list l9
{mso-list-id:-119;
mso-list-type:simple;
mso-list-template-ids:445916746;}
@list l9:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.25in;
mso-level-number-position:left;
margin-left:.25in;
text-indent:-.25in;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>I know Chris Drake already provided one detailed
explanation of Avery’s original question (below), but it led to some
offlist discussion among the XRI crowd about how XRI forwarding and how it
works with OpenID that I think would be good to share back with the list, since
this topic is likely to come up again.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>What Avery was doing (which is really
quite clever) is using the indirection capability of XRIs that’s
available either via XRI resolvers and XRDS documents (faster but harder to configure),
or via a standardized XRI service called forwarding service (slower but easy to
configure). For more details of forwarding service, see <a
href="http://iss.xdi.org/moin.cgi/ForwardingService">http://iss.xdi.org/moin.cgi/ForwardingService</a>).
Note that both produce the same result – redirection of a “forwarding
XRI” to a “target URI”. <o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>What Avery was trying to do was give a
relying party the forwarding XRI, “=avery/(+myopenid)” that his
forwarding service redirects to <a href="http://aglasser.myopenid.com/">http://aglasser.myopenid.com</a></span></font><font
size=2 face=Arial><span style='font-size:10.0pt;font-family:Arial'>. As long as
the relying party does XRI resolution of <font color=navy><span
style='color:navy'>“=avery/(+myopenid)” </span></font>(it doesn’t
matter whether the relying party uses a local XRI resolver or a proxy XRI
resolver, the results will be the same), the XRI resolver should return a redirect
to <font color=navy><span style='color:navy'><a
href="http://aglasser.myopenid.com/">http://aglasser.myopenid.com</a>. An HTTP
GET to <a href="http://aglasser.myopenid.com/">http://aglasser.myopenid.com</a>
with a content type of application/xrds+xml should return a valid XRDS document
(right Josh?)<o:p></o:p></span></font></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Therefore everything should work correctly
just by Avery entering “=avery/(+myopenid)” at the RP. Things
should ALSO work correctly if Avery enters the full HXRI (HTTP XRI) version of this
XRI, i.e., <a href="http://xri.net/=avery/(+myopenid)">http://xri.net/=avery/(+myopenid)</a>,
because the relying party code should simply be doing a HTTP GET on this URL
with content type of application/xrds+xml, receive back a redirect to <a
href="http://aglasser.myopenid.com/">http://aglasser.myopenid.com</a>, and then
do the same request against that URL and receive back the authoritative XRDS.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Thus if I understand OpenID Authentication
2.0 Draft 10 correctly, if Avery enters “=avery” at the RP, this
will result Avery’s Claimed Identifier at the RP being the synonymous persistent
i-number “=!5E1B.7A93.6A96.8C0A”. However if Avery enters “=avery/(+myopenid)”
at the RP, it will result in Avery’s Claimed Identifier at the RP being
the final redirect URL of “<a href="http://aglasser.myopenid.com/">http://aglasser.myopenid.com</a>”.
<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Now, the question of why this
does-or-does-not work at a particular RP at this particular point in time has
everything to do with: a) what OpenID client library version is running at the
RP (in this case openid.net), b) what XRI proxy resolver is being called (in
this case xri.net), and c) what code is running at Avery’s XRI forwarding
service (in this case 1id.com). I suspect Chris Drake’s diagnosis (<a
href="http://openid.net/pipermail/general/2006-October/000463.html">http://openid.net/pipermail/general/2006-October/000463.html</a>)
is correct with regard to how that is/isn’t working right now. However
once we get all the component lined up and working correctly, this should all
work as detailed above.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Us XRI geeks have the action item to work
with the OpenID spec teams and OpenID client library implementation teams to make
sure XRI parsing and resolution is handled correctly, no matter whether it uses
local or proxy XRI resolvers. We also have the action item to create an “Using
XRI with OpenID FAQ” for the new OpenID wiki so we make it easy for
developers, RPs, and IdPs to use XRI i-names and i-numbers with OpenID.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Please don’t hesitate to ask any
other XRI questions or give us any other XRI feedback via any of the OpenID lists.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>=Drummond <o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<div>
<div class=MsoNormal align=center style='text-align:center'><font size=3
face="Times New Roman"><span style='font-size:12.0pt'>
<hr size=2 width="100%" align=center tabindex=-1>
</span></font></div>
<p class=MsoNormal><b><font size=2 face=Tahoma><span style='font-size:10.0pt;
font-family:Tahoma;font-weight:bold'>From:</span></font></b><font size=2
face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'>
general-bounces@openid.net [mailto:general-bounces@openid.net] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Avery Glasser<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, October 25, 2006
11:42 PM<br>
<b><span style='font-weight:bold'>To:</span></b> general@openid.net<br>
<b><span style='font-weight:bold'>Subject:</span></b> The Wiki, iNames and
OpenID accounts</span></font><o:p></o:p></p>
</div>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><br>
<br>
Ok,<br>
<br>
This will probably go down in the history of silly things I have thought about
at 11pm...<br>
<br>
I have an iname through 1id.com (=avery). I set up as a tag, a reference to my
usual OpenID URL =avery(+myopenid). Going to <span
title="http://xri.net/=avery/(+myopenid)">http://xri.net/=avery/(+myopenid) properly
resolves my my myopenid.com account.<br>
<br>
Why would I do such a silly thing? Because I established aglasser.myopenid.com
well before I registered my iname.<br>
<br>
I tried to log into the OpenID.net/wiki using:<br>
=avery+myopenid<br>
=avery(+myopenid)<br>
=avery/(+myopenid)<br>
</span><span title="http://xri.net/=avery/(+myopenid)">http://xri.net/=avery/(+myopenid)<br>
<br>
My assumption is that when the wiki attempted to resolve the iname for
authentication, it would resolve to aglasser.myopenid.com. Each time, it kicked
back a failure. Of course, going in with =avery worked fine. Going in with
aglasser.myopenid.com worked fine as well.<br>
<br>
This leads to an interesting set of thoughts - at least interesting for this
time of day...<br>
<br>
1) As </span><span title="http://xri.net/=avery/(+myopenid)">http://xri.net/=avery/(+myopenid)
resolves to aglasser.myopenid.com - shouldn't this work as a valid OpenID
Identity URL?<br>
<br>
2) If the answer to #1 is yes, shouldn't I be able to use =avery(+myopenid) as
a valid iname for authenticating to the wiki?<br>
<br>
3) More fundamental (and probably out of scope for this group), shouldn't an
inames registrar allow one to set a default OpenID Identity URL independent of
the iname account?<br>
<br>
<o:p></o:p></span></font></p>
</span>
<p><font size=3 face="Times New Roman"><span style='font-size:12.0pt'>- Avery<o:p></o:p></span></font></p>
<p><font size=3 face="Times New Roman"><span style='font-size:12.0pt'><o:p> </o:p></span></font></p>
<p><font size=3 face="Times New Roman"><span style='font-size:12.0pt'>-- <br>
==============================<br>
Avery Glasser<br>
VxV Solutions, Inc.<br>
<br>
+ 1.415.992.7264 - office<br>
+ 1.415.290.1400 - mobile<br>
+ 1.415.651.9218 - fax<br>
<br>
<br>
<st1:Street w:st="on"><st1:address w:st="on">329 Bryant Street</st1:address></st1:Street>,
Suite 2D<br>
<st1:place w:st="on"><st1:City w:st="on">San Francisco</st1:City>, <st1:State
w:st="on">CA</st1:State> <st1:PostalCode w:st="on">94107</st1:PostalCode></st1:place><br>
==============================<br>
<br>
This e-mail (including any attachments), is confidential and intended only for
the use of the addressee(s). It may contain information covered by legal,
professional or other privilege. If you are not an addressee, please inform the
sender immediately and destroy this e-mail. Do not copy, forward, use or
disclose this e-mail. Thank you.<o:p></o:p></span></font></p>
</div>
</body>
</html>