[Openid-specs-ab] Please review this version of WebFinger

Justin Richer jricher at mitre.org
Mon Nov 26 21:07:02 UTC 2012 

Right, there are alternatives. I just wanted to make sure that the 
removal of this mechanism was deliberate and not an omission.

  -- Justin

On 11/26/2012 04:03 PM, Mike Jones wrote:
> Or you can do the "redirect" with the "webfinger." DNS prefix.
>
> ------------------------------------------------------------------------
> From: Mike Jones
> Sent: 11/26/2012 1:00 PM
> To: Justin Richer
> Cc: openid-specs-ab at lists.openid.net
> Subject: Re: [Openid-specs-ab] Please review this version of WebFinger
>
> Instead of static redirects or JSON-based redirects, this version of 
> WebFinger supports 302 redirects, which I’m told can be done with a 
> simple rule in Apache or IIS.
>
> -- Mike
>
> *From:*Justin Richer [mailto:jricher at mitre.org]
> *Sent:* Monday, November 26, 2012 7:27 AM
> *To:* Mike Jones
> *Cc:* openid-specs-ab at lists.openid.net
> *Subject:* Re: [Openid-specs-ab] Please review this version of WebFinger
>
> Should the "aliases" list always contain the subject if it's present? 
> Can it?
>
> From my read, this is now missing the static redirect functionality 
> that earlier versions of SWD and Webfinger made possible: drop a 
> static file into the right place, it gets served back with a 200 and 
> the client can follow the redirection. This might be accomplished 
> somewhat cleanly by defining a "webfinger" rel/link pairing, right?
>
>  -- Justin
>
> On 11/22/2012 03:34 AM, Mike Jones wrote:
>
>     This version is JSON-only, no longer uses host-meta, uses query
>     parameters instead of templates, and uses a domain prefix to
>     enable hosted deployments.  Are there other changes we would want
>     in this draft to use it for OpenID Connect?
>
>     -- Mike
>
>     *From:*apps-discuss-bounces at ietf.org
>     <mailto:apps-discuss-bounces at ietf.org>
>     [mailto:apps-discuss-bounces at ietf.org] *On Behalf Of *Paul E. Jones
>     *Sent:* Wednesday, November 21, 2012 8:14 PM
>     *To:* apps-discuss at ietf.org <mailto:apps-discuss at ietf.org>;
>     webfinger at googlegroups.com <mailto:webfinger at googlegroups.com>
>     *Subject:* [apps-discuss] draft-ietf-appsawg-webfinger-04
>
>     Folks,
>
>     I just posted a new draft that takes into consideration the input
>     I received on -03 and adds the “webfinger” subdomain that was
>     discussed on the list this past week.  Specifically, here’s what
>     changed:
>
>     ·Mention in section 2 that WebFinger uses the “rel” attribute and
>     provide a reference to the IANA registry for link relations
>
>     ·Deleted the second paragraph from  section 3 that expands on link
>     relations
>
>     ·Changed the link relation value for “blog” to be just the token
>     “blog”
>
>     ·Corrected a syntax error in the example in 4.1
>
>     ·Clarified in section 4.1 what is meant by a “valid alias”
>
>     ·Introduced a new section 4.2 that shows an example for OpenID Connect
>
>     ·Changed the rel types in 4.3 and 4.4 to be URI-based (on example.net)
>
>     ·Corrected syntax in 5.3 and added two clarifying sentences
>
>     ·Introduced a new section 5.5 that describes the “webfinger” subdomain
>
>     ·Changed the name of section 7
>
>     ·Added language to section 8 to support section 5.5
>
>     ·Added language to section 9 to support section 5.5
>
>     ·Spells out Mike’s name as he prefers it
>
>     ·Added a couple of informational references
>
>     The new draft is here:
>
>     http://tools.ietf.org/html/draft-ietf-appsawg-webfinger-04
>
>     I think we’re getting closer, though I know the “webfinger”
>     subdomain might be a bit controversial.  I’m on the fence on this
>     one, myself.  I can see the pros and cons of having it.  I’d
>     prefer to stay out of the debate, though.  I’ll put into the
>     document whatever the group says to put into the documents :-) 
>     That said, I think Mike made a valid argument with respect to the
>     fact that some domain owners have no ability to do anything more
>     than insert an A record for a subdomain.
>
>     I do want to highlight the fact that the current language says
>     that if there is any response from a web server at the host, that
>     means the host does have the capability of providing WF services
>     and the “webfinger” subdomain should not be consulted.  Thus, the
>     webfinger subdomain would only be consulted if there is no web
>     server running at the host at all.  It’s not a fallback for domain
>     owners who have a web server, but just didn’t install a WF
>     server.  For that case, they should use 3xx redirection for
>     hosting the WF server elsewhere.
>
>     Paul
>
>
>
>
>     _______________________________________________
>
>     Openid-specs-ab mailing list
>
>     Openid-specs-ab at lists.openid.net  <mailto:Openid-specs-ab at lists.openid.net>
>
>     http://lists.openid.net/mailman/listinfo/openid-specs-ab
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121126/ae70467e/attachment.html>

More information about the Openid-specs-ab mailing list