Modularizing Auth 2.0 Discovery
Drummond Reed
drummond.reed at cordance.net
Wed Feb 28 20:01:43 UTC 2007
>Martin Atkins wrote:
>> My proposal is that we make the core Auth 2.0 spec scheme-agnostic. It
>> would just state that an identifier is "a URI". Later in the spec, where
>> currently it enumerates a bunch of ways to do discovery, it'd just say
>> "do discovery on the URI using an appropriate protocol". (or, indeed,
>> words to that effect.) It would also nominate a standard XRDS service
>> type URI to use during Yadis discovery.
If OpenID Discovery is a single, separate, referencable spec, then it
doesn't even have to do that. OpenID Authentication 2.0 can just say
something like:
"OpenID is an open, extensible framework for associated identity services
with an identifier. Discovery of the metadata necessary for an OpenID
consuming application to access those services is specified by the OpenID
Discovery specification [reference here]."
>+1
>
>Rob wrote:
>can we also use the opportunity to put i-names support in an extension?
Under this approach, discovery all identifiers (URLs, XRI i-names/i-numbers,
email addresses, phone numbers, etc.) would be handled by OpenID Discovery.
=Drummond
More information about the specs
mailing list