Peter (et al): <br><br>I'm open to discussing the "type" of identifier that OpenID 2.1 should support. I rather agree with one of your (Peter's) previous posts that OpenID should allow _any_ type of identifier. I would add the following caveats to that support, as follows:<br>
<ol><li><b>ALL OpenID 2.1 Identifiers MUST be Resolvable to XRD<br> </b>Any OpenID Identifier MUST be able to be resolved to an XRD (with XRD being the primary "discovery" mechanism supported by OpenID 2.1). Legacy discovery mechanisms from OpenID 1.0, 1.1, and 2.0 should still be supported, but would be restricted to URLs & XRIs (with EAUT possibly filling in the gap for email addresses).<br>
<br></li><li><b>Start With Only 3 Required Identifiers as a Baseline<br></b>OpenID 2.1 should mandate that all OPs and RPs support URL, XRI, and Email-like identifiers (only because these are the most common form of identifier -- Peter, I personally don't see a lot of LDAP identifiers being thrown around today on business cards, e.g.).<br>
<br></li><li><b>Allow for Future Identifier Support as Decided by the Community<br></b>An extension mechanism should be defined that allows the OIDF community to endorse (via extension specifications) new OpenID 2.1 Identifiers. The Jabber Foundation has done this sort of extensibility thing with decent success (not necessarily with Identifiers, but in general). This Identifier extensibility model would accomplish the following:<br>
<br></li><ol><li>It will preclude the need to actually _decide_ whether and which types of new identifiers to include in the 2.1 spec (email identifiers notwithstanding). <br></li><li>It would allow the community to vote on each new particular identifier type on its own merits, preventing the "stall" of the 2.1 spec.</li>
<li>It would ensure that OPs and RPs are only required to support a baseline of OpenID functionality, while at the same time leaving room for some new form of identifier that might take off in the future (Google Wave? Nah....Looks like that will still have an email address format for Identifiers). <br>
<br></li></ol><li><b>Some Other Requirement?<br></b>Am I missing something?<br></li></ol><br><div class="gmail_quote">On Thu, Jun 4, 2009 at 8:21 PM, Peter Williams <span dir="ltr">&lt;<a href="mailto:pwilliams@rapattoni.com">pwilliams@rapattoni.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">There is no open discovery protocol. There is simply use of 2 externally defined protocols (yadis and xri resolution).<br>
<br>
As it stands, openid auth spec constrains and canonicalizes the allowed inputs to those protocols, when used.<br>
<br>
Are you guys also proposing that an op might discover an rp realm xrd, from a rp identified in openid auth that is not either an http/s scheme url or an xri?<br>
<br>
Will it be mandatory for op to support webfinger, if the rp realm chooses to so identify itself?<br>
<br>
Why this one and not all the others such as gc and ldap? (apart from, it's in the news today)<br>
<br>
</blockquote></div>