XRD and OpenID 2.1

Nat Sakimura n-sakimura at nri.co.jp
Thu Sep 3 03:56:18 UTC 2009 

So, User's XRD would have something like

<xrd id="foo">
<Subject>http://sakimura.org/nat</Subject>
<ds:Signature> ... </ds:Signature>
<link>
<rel>http://openid.net/rels/myopenid_provider</rel>
<url>http://myopenid.net/</url>
</link>
</xrd>

This is fetched during the discovery. (I am still not so sure about
the relationship between X-XRDS-Location: header and site_meta etc.
Are we abandoning the header model?)

Then, the RP searches for my relationship with OP through <rel>.
Once it was found, the RP goes to the url specified in the <link> to
get the Service's XRD like:

<xrd id="baa">
<Subject>http://myopenid.net/</Subject>
<ds:Signature>...</ds:Signature>
<link>
<rel>http://openid.net/op/endpoint</rel>
<url>http://specs.openid.net/auth/2.0</url>
</link>
</xrd>

to find out the concrete endpoint of this authentication service.

=nat

John Bradley wrote:
> Allen,
>
> In XRD 1.0 we are moving to a link based model.
>
> So a users XRD rather than having to specify the openID providers 
> service can point to an openID provider.
>
> The URIs that we currently use describe the service not the provider.
>
> I think Nat is looking for a link relationship that describes a user 
> pointing  to a service providers XRD rather than to the service itself.
>
> There will be a bunch of new link types required for various protocols.
>
> John B.
>
>
> On 2009-09-02, at 5:27 PM, Allen Tom wrote:
>
>> Hi Nat,
>>
>> Can you explain the problem in a bit more detail? Can you give an 
>> example use case?
>>
>> Thanks
>> Allen
>>
>>
>> Nat Sakimura wrote:
>>> The second topic for OpenID 2.1
>>>
>>> Maybe, it should be separated to the Discovery but...
>>>
>>> In XRD 1.0, we need to define <Rel> type url for the user=OP 
>>> relationship.
>>> What shall we use?
>>>
>>> Something like:
>>>
>>> http://specs.openid.net/rel/openid_provider#
>>>
>>> =nat
>>> _______________________________________________
>>> specs mailing list
>>> specs at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs 
>>
>> _______________________________________________
>> specs mailing list
>> specs at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs

More information about the specs mailing list