<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
It's not strictly more information, it's the same set of meta information that we have today, but in a more general, (very slightly) more common, link-based format.
<div><br>
</div>
<div>The function of the clients and servers wouldn't change. It's a matter of serialization and not making up a new JSON document and set of members just for this one protocol where there are things we could reuse.</div>
<div><br>
</div>
<div> -- Justin</div>
<div><br>
</div>
<div><br>
<div>
<div>On Nov 8, 2012, at 1:20 PM, Mike Jones wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">
<div lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1" style="page: WordSection1; ">
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">From a developer perspective, including unnecessary information is nearly always bad.<o:p></o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); ">Your code still has to understand the meaning of the fields it uses. Adding metadata doesn’t change that.<o:p></o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); "> -- Mike<o:p></o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; color: rgb(31, 73, 125); "><o:p> </o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">From:</span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; "><span class="Apple-converted-space"> </span>Nat Sakimura [mailto:sakimura@gmail.com]<span class="Apple-converted-space"> </span><br>
<b>Sent:</b><span class="Apple-converted-space"> </span>Thursday, November 08, 2012 10:16 AM<br>
<b>To:</b><span class="Apple-converted-space"> </span>Richer, Justin P.<br>
<b>Cc:</b><span class="Apple-converted-space"> </span>Mike Jones;<span class="Apple-converted-space"> </span><a href="mailto:openid-specs-ab@lists.openid.net" style="color: blue; text-decoration: underline; ">openid-specs-ab@lists.openid.net</a><span class="Apple-converted-space"> </span>Group<br>
<b>Subject:</b><span class="Apple-converted-space"> </span>Re: [Openid-specs-ab] OIDC Discovery and OAuth2 LRDD<o:p></o:p></span></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
>From a developer perspective, a uniform interface is always good, because I can reuse my codes, probably just use libraries so I do not have write much code, etc. <o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Nat<o:p></o:p></p>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
On Fri, Nov 9, 2012 at 2:58 AM, Richer, Justin P. <<a href="mailto:jricher@mitre.org" target="_blank" style="color: blue; text-decoration: underline; ">jricher@mitre.org</a>> wrote:<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
The wouldn't a better approach be to take the constructs of LRDD and move them into the JSON world? Maybe using the HAL linking format that Nat's brought up. <o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
What bothers me is a bespoke solution for a generic problem in OIDC.<span class="hoenzb"><span style="color: rgb(136, 136, 136); "><o:p></o:p></span></span></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="color: rgb(136, 136, 136); "> -- Justin<o:p></o:p></span></div>
</div>
<div>
<div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
<div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
On Nov 8, 2012, at 12:37 PM, Mike Jones wrote:<o:p></o:p></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<br>
<br>
<o:p></o:p></div>
<div>
<div>
<div>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="font-size: 11pt; font-family: Calibri, sans-serif; ">Part of what makes JSON more popular and successful than XML is that there *isn't* any usually-unnecessary metadata or introspection facilities built into the format. In my opinion, trying to
superimpose this structure on our use of JSON after the fact is both unnecessary and counter to what developers want.<br>
<br>
They're voting with their feet and we want their votes.<br>
<br>
-- Mike<o:p></o:p></span></p>
</div>
</div>
<div class="MsoNormal" align="center" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; text-align: center; ">
<hr size="3" width="100%" align="center">
</div>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">From:<span class="Apple-converted-space"> </span></span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">Nat Sakimura</span><br>
<b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">Sent:<span class="Apple-converted-space"> </span></span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">11/8/2012 10:12 AM</span><br>
<b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">To:<span class="Apple-converted-space"> </span></span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">Richer, Justin P.</span><br>
<b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">Cc:<span class="Apple-converted-space"> </span></span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; "><a href="mailto:openid-specs-ab@lists.openid.net" target="_blank" style="color: blue; text-decoration: underline; ">openid-specs-ab@lists.openid.net</a><span class="Apple-converted-space"> </span>Group</span><br>
<b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">Subject:<span class="Apple-converted-space"> </span></span></b><span style="font-size: 10pt; font-family: Tahoma, sans-serif; ">Re: [Openid-specs-ab] OIDC Discovery and OAuth2 LRDD</span><o:p></o:p></p>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
P.S. You can see how I was feeling from my blog post<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<a href="http://nat.sakimura.org/2012/09/16/uri-template-in-openid-connect-provider-configuration-response/" target="_blank" style="color: blue; text-decoration: underline; ">http://nat.sakimura.org/2012/09/16/uri-template-in-openid-connect-provider-configuration-response/</a><o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
It predates <a href="http://datatracker.ietf.org/doc/draft-wmills-oauth-lrdd/" target="_blank" style="color: blue; text-decoration: underline; ">http://datatracker.ietf.org/doc/draft-wmills-oauth-lrdd/</a><o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<p class="MsoNormal" style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 12pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Nat<o:p></o:p></p>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
On Thu, Nov 8, 2012 at 10:58 PM, Nat Sakimura <<a href="mailto:sakimura@gmail.com" target="_blank" style="color: blue; text-decoration: underline; ">sakimura@gmail.com</a>> wrote:<o:p></o:p></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
It is a bit late in the game, but I do agree being able to express them in the link based structure (not LRDD though, it needs to be JSON) is nice. <o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
HAL or Hyper-meta schema would be good. <o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Note: none of them are RFC however, so we need to do something in that respect. <o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
The only reason that it is a flat thing is that there were a strong desire to do very simple thing at the beginning. Maybe OAuth discovery document is simple enough that a flat schema makes sense, but OIDC configuration is complex enough that we may want to
consider an alternate format. <o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Having said that, there is a political issues as well. It is soooo late in the documents life cycle and as we do not want to give the community impression that we are still unstable, whether it is worth pursuing should be evaluated carefully. <o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Best, <o:p></o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Nat<o:p></o:p></div>
</div>
<div>
<div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
On Thu, Nov 8, 2012 at 12:43 AM, Richer, Justin P. <<a href="mailto:jricher@mitre.org" target="_blank" style="color: blue; text-decoration: underline; ">jricher@mitre.org</a>> wrote:<o:p></o:p></div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
One of my longstanding complaints about OIDC Discovery is that while it tries to follow a generalizable process to find the issuer, the document that defines the server configuration is a completely bespoke JSON structure. I hadn't seen this document before,
but there was recently an admittedly-incomplete attempt by William Mills to put together a spec to define LRDD based discovery for OAuth2 endpoints and configuration parameters.<br>
<br>
<a href="http://datatracker.ietf.org/doc/draft-wmills-oauth-lrdd/" target="_blank" style="color: blue; text-decoration: underline; ">http://datatracker.ietf.org/doc/draft-wmills-oauth-lrdd/</a><br>
<br>
Shouldn't we be using some kind of host link-based configuration format like this instead of a new JSON document? Shouldn't we be trying to engage the larger service discovery community as opposed to just pasting something in for OIDC alone?<br>
<br>
-- Justin<br>
_______________________________________________<br>
Openid-specs-ab mailing list<br>
<a href="mailto:Openid-specs-ab@lists.openid.net" target="_blank" style="color: blue; text-decoration: underline; ">Openid-specs-ab@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab" target="_blank" style="color: blue; text-decoration: underline; ">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<br>
<br clear="all">
<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
</div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="color: rgb(136, 136, 136); ">--<span class="Apple-converted-space"> </span><br>
Nat Sakimura (=nat)<o:p></o:p></span></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<span style="color: rgb(136, 136, 136); ">Chairman, OpenID Foundation<br>
<a href="http://nat.sakimura.org/" target="_blank" style="color: blue; text-decoration: underline; ">http://nat.sakimura.org/</a><br>
@_nat_en<o:p></o:p></span></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<br>
<br clear="all">
<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
--<span class="Apple-converted-space"> </span><br>
Nat Sakimura (=nat)<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Chairman, OpenID Foundation<br>
<a href="http://nat.sakimura.org/" target="_blank" style="color: blue; text-decoration: underline; ">http://nat.sakimura.org/</a><br>
@_nat_en<o:p></o:p></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
</div>
</div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
</div>
</div>
</div>
</div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<br>
<br clear="all">
<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
--<span class="Apple-converted-space"> </span><br>
Nat Sakimura (=nat)<o:p></o:p></div>
<div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
Chairman, OpenID Foundation<br>
<a href="http://nat.sakimura.org/" target="_blank" style="color: blue; text-decoration: underline; ">http://nat.sakimura.org/</a><br>
@_nat_en<o:p></o:p></div>
</div>
<div style="margin-top: 0in; margin-right: 0in; margin-left: 0in; margin-bottom: 0.0001pt; font-size: 12pt; font-family: 'Times New Roman', serif; ">
<o:p> </o:p></div>
</div>
</div>
</div>
</span></blockquote>
</div>
<br>
</div>
</body>
</html>