<HTML dir=ltr><HEAD></HEAD>
<BODY style="WORD-WRAP: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space">
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>Wanting to discover the practical limits of where its reasonable to go (in what timeframe) with XRI in OpenID2, I noted in wikipedia XRI article certain XRI examples that do NOT denote people. </FONT></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>xri://broadview.library.example.com/(urn:isbn:0-395-36341-1)/(+hardcover)<BR>xri://broadview.library.example.com/(urn:isbn:0-395-36341-1)/(+softcover)<BR>xri://broadview.library.example.com/(urn:isbn:0-395-36341-1)/(+reference)</FONT></DIV></BLOCKQUOTE>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2><FONT face=Arial size=2>As I could not see any limits imposed on XRI name forms in OpenID2 specs, I wondered about applying the notion to US realty infrastructure issues.</FONT></FONT></DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2><FONT face=Arial size=2></FONT></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>In US realty, we have the data on a couple of billion current and historical listings (your homes and offices for sale, rent...) that are today referenced by a URL. Yes, of course, lots of people are then linked to those listing records (the agents, the interested parties, the buyers and sellers and the N other professionals to be used in closing residential market 6-figure transaction ..., and then all the SSO links to those N professionals' banking/insurance/recording/brokering management systems. The control system for distributing the attribute schema, attribute and object metadata and the identities of the management authorities is all run in a pure peer-peer model today (i.e. 100% distributed as PRMDs, to use an ancient ISO term), where each local authority is represented by the domain-name address of the server endpoint.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>If I wanted to now make a directory forest of all the authorities (vs the listings), I suppose I'm really rebuilding the classical ActiveDirectory forest of forests model. I'm guessing it would be appropriate to exploit the form of cross-referencing XRIs given above. </FONT><FONT color=#000000><FONT face=Arial size=2>For each city's listing service, xri://nationalmls.com, the embedded URI in parenthesis could be todays (fully qualified) query-based URL to a particular listing authority, making such as a</FONT></FONT></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV dir=ltr><A href="http://demo.crt.realtors.org:6103/rets/search?Class=ResidentialProperty&Count=1&Format=XML&Limit=1&Offset=1&Query=%28LN%3d0%2b%29&QueryType=DMQL2&SearchType=Property&StandardNames=0" target=_blank><FONT face=Arial size=2>xri://nationalmls.com/(http://demo.crt.realtors.org:6103/rets/search?Class=ResidentialProperty&Format=XML&Limit=1&Query=%28LN%3d0%2b%29&QueryType=DMQL2&SearchType=Property&StandardNames=0</FONT></A><FONT face=Arial size=2>)</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>(Obviously, the query and querytype could easily be SPARQL instead of DMQL2, for greater interoperability with the web mashup world.)</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV></BLOCKQUOTE>
<DIV dir=ltr><FONT face=Arial size=2>If I wanted to reference the very framework for the web of trust for a peer-peer "trusted naming graph" representing those authoritys' actual reciprocal/data-sharing arrangements, it could presumably take such form such as </FONT></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV dir=ltr><FONT face=Arial size=2>xri://nationalmls.com/(urn:inet?url=http://localmls.com/rets/foaf/wotont.rdf&parsetype=rdf)/</FONT></DIV></BLOCKQUOTE>
<DIV dir=ltr><FONT face=Arial size=2>Now that URN doesn't exactly look well formed, even if legal syntax. On the basis that I can similarly embed javascript (via data protocol encoding), presumably I can go one step further and just put code in the XRI name too, indirectly referencing private class namespaces that understand my private web protocol.</FONT></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV dir=ltr>
<DIV dir=ltr><FONT face=Arial size=2>xri://nationalmls.com/(data:text/xml;base64,bmV3IENPTS5SQVBBVFRPTkkuUmFwTUxTLkRhdGFTb3VyY2UoImluZXQ/dXJsPWh0dHA6Ly9sb2NhbGhvc3Q6NzA1Ni9yZXRzL2ZvYWYvd290b250LnJkZiZwYXJzZXR5cGU9cmRmIik=)</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>As long as the trusted resolver mode of XRI is being used in the OpenID2 handshake, we could arrange for an Authenticode-like basis for accrediting the source of the javascript built into the name form. Obviously, runtime classes can be easily digitally signed these days for online-distribution, limiting their runtime privileges as appropriate. Appropriate encoding of this URI would be required of course, mitigating XSS vulnerabilities.</FONT></DIV></DIV></BLOCKQUOTE>
<DIV dir=ltr><FONT face=Arial size=2></FONT>Anyone doing anything like this with XRI and OpenID? There may be opportunity to run a simple gateway for us, to experiment with the praxis of XRI cross-referencing as a means of implementing "forest of forest" trust models in OpenID2.</DIV></BODY></HTML>