<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Yes, this was a deliberate simplification for clients. Templates were removed on purpose because they were duplicative of the functionality provided by the query parameters.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"> -- Mike
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> Justin Richer [mailto:jricher@mitre.org]
<br>
<b>Sent:</b> Monday, November 26, 2012 1:07 PM<br>
<b>To:</b> Mike Jones<br>
<b>Cc:</b> openid-specs-ab@lists.openid.net<br>
<b>Subject:</b> Re: [Openid-specs-ab] Please review this version of WebFinger<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Right, there are alternatives. I just wanted to make sure that the removal of this mechanism was deliberate and not an omission.<br>
<br>
-- Justin<br>
<br>
On 11/26/2012 04:03 PM, Mike Jones wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Or you can do the "redirect" with the "webfinger." DNS prefix.<o:p></o:p></p>
</div>
</div>
<div class="MsoNormal" align="center" style="text-align:center"><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">
<hr size="3" width="100%" align="center">
</span></div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:
</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Mike Jones</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><br>
</span><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Sent: </span>
</b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">11/26/2012 1:00 PM</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><br>
</span><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">To: </span>
</b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Justin Richer</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><br>
</span><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Cc: </span>
</b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""><a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a></span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><br>
</span><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Subject:
</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">Re: [Openid-specs-ab] Please review this version of WebFinger</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p></o:p></span></p>
<div>
<div>
<p class="MsoNormal"><span style="color:#1F497D">Instead of static redirects or JSON-based redirects, this version of WebFinger supports 302 redirects, which I’m told can be done with a simple rule in Apache or IIS.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> -- Mike</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> Justin Richer [<a href="mailto:jricher@mitre.org">mailto:jricher@mitre.org</a>]
<br>
<b>Sent:</b> Monday, November 26, 2012 7:27 AM<br>
<b>To:</b> Mike Jones<br>
<b>Cc:</b> <a href="mailto:openid-specs-ab@lists.openid.net">openid-specs-ab@lists.openid.net</a><br>
<b>Subject:</b> Re: [Openid-specs-ab] Please review this version of WebFinger</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">Should the "aliases" list always contain the subject if it's present? Can it?<br>
<br>
From my read, this is now missing the static redirect functionality that earlier versions of SWD and Webfinger made possible: drop a static file into the right place, it gets served back with a 200 and the client can follow the redirection. This might be accomplished
somewhat cleanly by defining a "webfinger" rel/link pairing, right?<br>
<br>
-- Justin<br>
<br>
On 11/22/2012 03:34 AM, Mike Jones wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">This version is JSON-only, no longer uses host-meta, uses query parameters instead of templates, and uses a domain prefix to enable hosted deployments. Are there other changes we would want in this draft to
use it for OpenID Connect?</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> -- Mike</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a href="mailto:apps-discuss-bounces@ietf.org">apps-discuss-bounces@ietf.org</a> [<a href="mailto:apps-discuss-bounces@ietf.org">mailto:apps-discuss-bounces@ietf.org</a>]
<b>On Behalf Of </b>Paul E. Jones<br>
<b>Sent:</b> Wednesday, November 21, 2012 8:14 PM<br>
<b>To:</b> <a href="mailto:apps-discuss@ietf.org">apps-discuss@ietf.org</a>; <a href="mailto:webfinger@googlegroups.com">
webfinger@googlegroups.com</a><br>
<b>Subject:</b> [apps-discuss] draft-ietf-appsawg-webfinger-04</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Folks,<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">I just posted a new draft that takes into consideration the input I received on -03 and adds the “webfinger” subdomain that was discussed on the list this past week. Specifically, here’s what changed:<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Mention in section 2 that WebFinger uses the “rel” attribute and provide a reference to the IANA registry for link relations<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Deleted the second paragraph from section 3 that expands on link relations<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Changed the link relation value for “blog” to be just the token “blog”<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Corrected a syntax error in the example in 4.1<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Clarified in section 4.1 what is meant by a “valid alias”<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Introduced a new section 4.2 that shows an example for OpenID Connect<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Changed the rel types in 4.3 and 4.4 to be URI-based (on example.net)<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Corrected syntax in 5.3 and added two clarifying sentences<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Introduced a new section 5.5 that describes the “webfinger” subdomain<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Changed the name of section 7<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Added language to section 8 to support section 5.5<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Added language to section 9 to support section 5.5<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Spells out Mike’s name as he prefers it<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in"><span style="font-family:Symbol">·</span><span style="font-size:7.0pt;font-family:"Times New Roman","serif"">
</span>Added a couple of informational references<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">The new draft is here:<o:p></o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-ietf-appsawg-webfinger-04">http://tools.ietf.org/html/draft-ietf-appsawg-webfinger-04</a><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">I think we’re getting closer, though I know the “webfinger” subdomain might be a bit controversial. I’m on the fence on this one, myself. I can see the pros and cons of having it. I’d prefer to stay out of the debate, though. I’ll put
into the document whatever the group says to put into the documents :-) That said, I think Mike made a valid argument with respect to the fact that some domain owners have no ability to do anything more than insert an A record for a subdomain.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">I do want to highlight the fact that the current language says that if there is any response from a web server at the host, that means the host does have the capability of providing WF services and the “webfinger” subdomain should not be
consulted. Thus, the webfinger subdomain would only be consulted if there is no web server running at the host at all. It’s not a fallback for domain owners who have a web server, but just didn’t install a WF server. For that case, they should use 3xx redirection
for hosting the WF server elsewhere.<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Paul<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:12.0pt;font-family:"Times New Roman , serif","serif""><br>
<br>
</span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>Openid-specs-ab mailing list<o:p></o:p></pre>
<pre><a href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a><o:p></o:p></pre>
<pre><a href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""> </span><o:p></o:p></p>
</div>
</div>
</blockquote>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p> </o:p></span></p>
</div>
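<p class="MsoNormal">The lookup order Paul describes for draft -04 (ask the host first, consult the "webfinger" subdomain only when no web server answers at all, follow 3xx redirection otherwise), as an added example that is not part of the thread or of the draft. The well-known path and the "resource" parameter are assumed from RFC 7033, the https-only and hop-limit checks on redirects are added hardening, and all hosts and answers are constructed.</p>

```python
from urllib.parse import quote, urlsplit

REDIRECTS = (301, 302, 303, 307, 308)

class NoWebServer(Exception):
    """Nothing answers HTTP at the host (connection refused, no A record)."""

def discover(resource, host, probe, max_redirects=3):
    """Return (url, status) of the final answer; status None means refused.

    probe(url) returns (status, location) or raises NoWebServer.
    Assumption (RFC 7033, not the thread): path and "resource" parameter.
    """
    query = "/.well-known/webfinger?resource=" + quote(resource, safe="")
    for candidate in (host, "webfinger." + host):
        url = "https://" + candidate + query
        try:
            status, location = probe(url)
        except NoWebServer:
            continue  # no web server at all: only now is the subdomain tried
        # Any HTTP response, even a 404, ends the search at this host.
        return follow(url, status, location, probe, max_redirects)
    return None, None

def follow(url, status, location, probe, hops):
    """Follow 3xx answers; added hardening: https targets only, bounded hops."""
    while status in REDIRECTS:
        if hops == 0 or urlsplit(location or "").scheme != "https":
            return url, None
        hops, url = hops - 1, location
        try:
            status, location = probe(url)
        except NoWebServer:
            return url, None
    return url, status

def make_probe(table):
    """Constructed stand-in for the network: maps host to (status, location)."""
    def probe(url):
        host = urlsplit(url).netloc
        if host not in table:
            raise NoWebServer(host)
        return table[host]
    return probe

# Constructed hosts and answers, for illustration only.
HOSTED = "https://wf.example.net/.well-known/webfinger?resource=acct%3Abob%40example.net"
SAMPLE = make_probe({
    "example.com": (404, None),            # web server without WebFinger
    "webfinger.example.com": (200, None),  # must not be consulted
    "webfinger.example.org": (200, None),  # example.org runs no web server
    "example.net": (302, HOSTED), "wf.example.net": (200, None),
})
```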
</body>
</html>