[Openid-specs-ab] Reserved member definitions

John Bradley ve7jtb at ve7jtb.com
Mon Sep 19 21:54:20 UTC 2011


I am sympathetic to the position. 

However without namespace support in JSON, we just end up adding extra characters to the reserved names for not much more than formal correctness.

The decision was to go for a fixed schema (implied namespace) and fully namespaces claims.

For ease of processing by RP I don't yet see a compelling reason to change that.

Perhaps being clear that all of the reserved claim names have a implied namespace that is not included in the JSON itself.

John B.
On 2011-09-19, at 6:08 PM, Nat Sakimura wrote:

> Actually, that almost exactly was what it was in earlier drafts when
> it was called AB.
> 
> We could define a default namespace for the UserInfo schema. I suppose
> it would be like:
> 
> http://openid.net/specs/connect/1.0/userinfo/
> 
> Best,
> 
> =nat via iPhone
> 
> On 2011/09/19, at 16:36, Roland Hedberg <roland.hedberg at adm.umu.se> wrote:
> 
>> Hi!
>> 
>> As some of you know I was part of the IETF working group that did the LDAPv3 specification.
>> One change that was made from X.500 has later been regarded as the worst mistaken done by this group.
>> The change was going from specifying attributes not as OIDs but to instead using english names.
>> 
>> Surname became 'sn' or 'surname' instead of 2.5.4.4 .
>> 
>> This has lead to innumerable problems and heated debates mainly due to the inexactness of the English language.
>> This is of course not specific to English it is an inherited problem with any natural language.
>> 
>> So I would urge this group to refrain from using the natural language identifiers listed in
>> http://openid.net/specs/openid-connect-messages-1_0.html#ClaimTable
>> and instead use OID:s (as used by X.500) or URI:s (as used by the semantic web).
>> 
>> The simplest change and my proposal is to switch to URI:s a'la the semantic web.
>> 
>> Hence the on-the-wire name for 'id' will be 'http://openid.net/schema/person#id".
>> 
>> To keep down the number of bytes transferred one can allow the definition of the namespace to be part of the response a'la RDF/XML:
>> 
>> {
>> "namespace": {"ns1":'http://openid.net/schema/person#'},
>> "ns1:name": "Jane Doe"
>> "ns1:given_name": "Jane",
>> "ns1:family_name": "Doe",
>> "ns1:email": "janedoe at example.com",
>> "ns1:picture": "http://example.com/janedoe/me.jpg"
>> }
>> 
>> Unfortunately there doesn't seem to be any standard for handling namespaces in JSON.
>> 
>> -- Roland
>> _______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4767 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110919/985cef53/attachment.p7s>


More information about the Openid-specs-ab mailing list