<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>That’s fine, of course. There is no new flow.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>An RP may not accept any user-supplied value other than what is
supposed to be an http: form URL as an openid (or some specified contractions
of an http URL), which must then be normalized. But that’s a conformance detail.
If one is using elements of an RFC822 email name as a contraction of an http-style
locator for the XRDS – which introduces the OP endpoint (aka locates an OP
endpoint …supporting directed id) - we are in normal behaviour.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The way you phrased it originally, I was seeing<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>1<sup>st</sup> level of “OP” that mapped RFC822
name form to http url, using some kind of directed identity dynamics/handling/protocol
run of openid auth to help the user choose which http OP identifier to
release as a synonym for the RFC822 email domain<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>2<sup>nd</sup> level of OP that issues assertions (based on further
directed id resolution by the user, at the OP).<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>1<sup>st</sup> level appeared in the original phrasing be some
new kind of URL redirector service for OP Identifiers where an email domain
could “support directed id” for choosing an OP Identifier<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>…which would all have clearly been beyond the material in the
finalized specification.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Andrew Arnott
[mailto:andrewarnott@gmail.com] <br>
<b>Sent:</b> Sunday, March 22, 2009 4:26 PM<br>
<b>To:</b> Peter Williams<br>
<b>Cc:</b> David Nicol; Dmitry Shechtman; Recordon, David;
yadis@lists.danga.com; general@openid.net<br>
<b>Subject:</b> Re: [OpenID] The Various Methods For
"user@domain.com" Style Identifiers<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>I wasn't explaining anything that should be new, Peter, so
perhaps my words were unclear. The RP performs discovery on the email
address, which is a legal URL. The user@ portion is dropped implicitly,
leaving nothing but the domain. The RP pulls at that URL, and if the HTTP
response includes an XRDS document or reference that describes an OP directed
identity-supporting endpoint, the RP directs the user to the appropriate OP
url.<o:p></o:p></p>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br clear=all>
--<br>
Andrew Arnott<br>
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire<br>
<br>
<o:p></o:p></p>
<div>
<p class=MsoNormal>On Sun, Mar 22, 2009 at 4:23 PM, Peter Williams <<a
href="mailto:pwilliams@rapattoni.com">pwilliams@rapattoni.com</a>> wrote:<o:p></o:p></p>
<div>
<div>
<p><span style='font-size:11.0pt;color:#1F497D'>First time I’ve heard of
an entity other than an OP performing the directed identity
“protocol” </span><o:p></o:p></p>
<p><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
<p>…If an email address domain name supports directed identity<o:p></o:p></p>
<p> <o:p></o:p></p>
<p>…redirects the user to the OP,<o:p></o:p></p>
<p><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
<p><span style='font-size:11.0pt;color:#1F497D'>Is this a standardized flow in
openid?</span><o:p></o:p></p>
<p><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
<p><span style='font-size:11.0pt;color:#1F497D'>If such a flow is not
laid out in the spec, it doesn’t have the (relative) IP protections of
other finalized materials.</span><o:p></o:p></p>
<p><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p><b><span style='font-size:10.0pt'>From:</span></b><span style='font-size:
10.0pt'> <a href="mailto:general-bounces@openid.net" target="_blank">general-bounces@openid.net</a>
[mailto:<a href="mailto:general-bounces@openid.net" target="_blank">general-bounces@openid.net</a>]
<b>On Behalf Of </b>Andrew Arnott<br>
<b>Sent:</b> Sunday, March 22, 2009 4:13 PM<br>
<b>To:</b> David Nicol<br>
<b>Cc:</b> Dmitry Shechtman; Recordon, David; <a
href="mailto:yadis@lists.danga.com" target="_blank">yadis@lists.danga.com</a>; <a
href="mailto:general@openid.net" target="_blank">general@openid.net</a></span><o:p></o:p></p>
<div>
<p class=MsoNormal><br>
<b>Subject:</b> Re: [OpenID] The Various Methods For "<a
href="mailto:user@domain.com" target="_blank">user@domain.com</a>" Style
Identifiers<o:p></o:p></p>
</div>
</div>
</div>
<p> <o:p></o:p></p>
<p>This comes up periodically. The last time it did, it ended with:
"it already works, via directed identity." If an email address
domain name supports directed identity, then a user can type his/her own email
address, and it (becoming equivalent to just the domain name of that email
address) redirects the user to the OP, where the identifier can be decided on
and the assertion sent back to the RP.<o:p></o:p></p>
<div>
<div>
<div>
<p style='margin-bottom:12.0pt'><br clear=all>
--<br>
Andrew Arnott<br>
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire<o:p></o:p></p>
<div>
<p>On Sun, Mar 22, 2009 at 3:26 PM, David Nicol <<a
href="mailto:davidnicol@gmail.com" target="_blank">davidnicol@gmail.com</a>>
wrote:<o:p></o:p></p>
<p>I am for an approach of leaving all systems as they are now and adding<br>
a convention, provided by some openID identity service, that maps<br>
e-mail addresses into openID urls, and then trying to popularize that<br>
service, or the various services conforming to the to-be-proposed<br>
convention, so that when someone types <a href="mailto:joe@example.com"
target="_blank">joe@example.com</a> into the<br>
openID slot the identity widget offers joe a choice of<br>
<a href="http://smtp.openid.tipjar.com/example.com/joe" target="_blank">http://smtp.openid.tipjar.com/example.com/joe</a>
and a few other similar<br>
services suggesting the rewritten versions.<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><o:p></o:p></p>
</div>
<p> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</div>
</body>
</html>