I can't provide a totally worked out example. But there are a lot of attributes floating around -- including attributes on attributes, now -- and it seems like it would be useful and valuable to be able to package them up into semantically meaningful 'profiles' -- public contact information, private contact information, full read-only profile -- which you could provide to RPs. If you send an endpoint URL to the RP instead of the information itself, the RP can then retrieve it via a backchannel (and cache it). If you have private data, use a capability URL with a token that allows read-only access.<div>
<br></div><div>Then you have much more freedom in how to represent the data on the other end -- you can use PoCo or AX name/value pairs -- and you're not limited to 2K or a bad user experience. Plus, you can access the same information the same way even if not using an OpenID session to kick off the attribute exchange.<br>
<div><br clear="all">--<br>John Panzer / Google<br><a href="mailto:jpanzer@google.com">jpanzer@google.com</a> / <a href="http://abstractioneer.org">abstractioneer.org</a> / @jpanzer<br><br>
<br><br><div class="gmail_quote">On Mon, Dec 7, 2009 at 8:43 PM, Chris Messina <span dir="ltr"><<a href="mailto:chris.messina@gmail.com">chris.messina@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Can you provide an example?<div><div></div><div class="h5"><br><br><div class="gmail_quote">On Mon, Dec 7, 2009 at 8:42 PM, John Panzer <span dir="ltr"><<a href="mailto:jpanzer@google.com" target="_blank">jpanzer@google.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Would a single capability URL to a PoCo endpoint for the user - a<br>
single attribute - be a reasonable idea?<br>
<div><div></div><div><br>
On Monday, December 7, 2009, Chris Messina <<a href="mailto:chris.messina@gmail.com" target="_blank">chris.messina@gmail.com</a>> wrote:<br>
> Sounds like something to add to PoCo... perhaps something as simple as a "verified" boolean added to email addresses?<br>
> <a href="http://portablecontacts.net/draft-schema.html#anchor4" target="_blank">http://portablecontacts.net/draft-schema.html#anchor4</a><br>
><br>
> Chris<br>
><br>
> On Mon, Dec 7, 2009 at 8:25 PM, Brian Kissel <<a href="mailto:bkissel@janrain.com" target="_blank">bkissel@janrain.com</a>> wrote:<br>
><br>
> +1 on email address metadata, many RPs definitely want this.<br>
><br>
> Cheers,<br>
><br>
> Brian<br>
> ___________<br>
><br>
> Brian Kissel<br>
> CEO, JanRain - WebID and Social Publishing for User Engagement<br>
> Email: <a href="mailto:bkissel@janrain.com" target="_blank">bkissel@janrain.com</a> Cell: 503.866.4424 Fax: 503.296.5502<br>
><br>
><br>
> -----Original Message-----<br>
> From: <a href="mailto:openid-specs-bounces@lists.openid.net" target="_blank">openid-specs-bounces@lists.openid.net</a> [mailto:<a href="mailto:openid-specs-bounces@lists.openid.net" target="_blank">openid-specs-bounces@lists.openid.net</a>] On Behalf Of Allen Tom<br>
> Sent: Monday, December 07, 2009 7:46 PM<br>
> To: Peter Watkins; Chris Obdam; <a href="mailto:openid-specs@lists.openid.net" target="_blank">openid-specs@lists.openid.net</a><br>
> Subject: Re: Yahoo available AX attrs<br>
><br>
> Oops - I clicked send too early.<br>
><br>
> The bad UX with AX is the security warning that most browsers display when<br>
> POSTing a form from HTTPS to HTTP, which is the case when the Yahoo OP<br>
> returns a lot of attributes. AX attribute names are excessively long, so<br>
> it's very likely that using different attribute names for first/last/middle<br>
> name will cause the response to be returned via POST. (2KB is the cutoff<br>
> point)<br>
><br>
> With regards to email address - unless we're 100% sure about the email<br>
> address, we'd like to return metadata about the email address. Specifically,<br>
> we'd like to indicate whether or not the email address was verified, and if<br>
> so, when it was verified. This is definitely something that we'd like to get<br>
> in to AX 2.0.<br>
><br>
> Allen<br>
><br>
><br>
><br>
> On 12/7/09 7:39 PM, "Allen Tom" <<a href="mailto:atom@yahoo-inc.com" target="_blank">atom@yahoo-inc.com</a>> wrote:<br>
><br>
>> It definitely makes sense to use different attributes for givennanme/surname<br>
>> so that RPs don't have to parse the string, and a few other RPs have also<br>
>> asked for it. Our initial goal for our AX implementation was just to match<br>
>> SREG, and SREG only has a single openid.sreg.fullname attribute.<br>
>><br>
>> We'll add support for separate first/last/middle/suffix attributes in a<br>
>> followup release - probably early next year. I do hope that we're able to<br>
>> standardize the attribute names, and also keep them short and compact. If you<br>
>> ask for all our supported attributes, the response will exceed 2KB, which<br>
>> requires that the response is returned via POST, causing a really bad UX.<br>
>><br>
>> With regards to email address - we'd like to be able to return metadata about<br>
>> the email address w<br>
>><br>
>><br>
>><br>
>> On 12/7/09 7:25 AM, "Peter Watkins" <<a href="mailto:peterw@tux.org" target="_blank">peterw@tux.org</a>> wrote:<br>
>><br>
>>> On Mon, Dec 07, 2009 at 09:16:46AM +0100, Chris Obdam wrote:<br>
>>>>> Chris (Obdam) - which additional attributes would you like to see<br>
>>>>> available? The attributes that wešll be adding early next year will include<br>
>>>>> Yahoo Profile URL and account creation date. A bunch of people have asked<br>
>>>>> for Flickr Photos URL and Upcoming Profile URL, so wešll probably get<br>
>>>>> around<br>
>>>>> to adding those too.<br>
>>>> I would like to access every attr specified in de AXschema? :-)<br>
>>>><br>
>>>> In my Yahoo profile i have provided my address (home and work). I would like<br>
>>>> to use those in a sign form somewhere else.<br>
>>>> Same goes for my phone numbers.<br>
>>><br>
>>> So would I. One of the simpler goals of our Single Sign On is prepopulating<br>
>>> form fields; having postal address and phone number would be a help.<br>
>>><br>
>>> I'd also like to see First and Last names available as separate attributes,<br>
>>> otherwise we're trying to intelligently split both "Mary Jane Parker" and<br>
>>> "Malcom Mac Murray".<br>
>>><br>
>>> Also I would prefer that you give us the user's *primary* email address. In<br>
>>> my Yahoo profile, my Yahoo email address is flagged as "Share with no one"<br>
>>> and I have a different email address flagged as primary, but your AX sends<br>
</div></div>>>> my yahoo email address. Th--<br>
<div>> Chris Messina<br>
> Open Web Advocate<br>
><br>
> Personal: <a href="http://factoryjoe.com" target="_blank">http://factoryjoe.com</a><br>
> Follow me on Twitter: <a href="http://twitter.com/chrismessina" target="_blank">http://twitter.com/chrismessina</a><br>
><br>
> Citizen Agency: <a href="http://citizenagency.com" target="_blank">http://citizenagency.com</a><br>
> Diso Project: <a href="http://diso-project.org" target="_blank">http://diso-project.org</a><br>
> OpenID Foundation: <a href="http://openid.net" target="_blank">http://openid.net</a><br>
><br>
> This email is: [ ] shareable [X] ask first [ ] private<br>
><br>
><br>
<br>
</div>--<br>
<font color="#888888">--<br>
John Panzer / Google<br>
<a href="mailto:jpanzer@google.com" target="_blank">jpanzer@google.com</a> / <a href="http://abstractioneer.org" target="_blank">abstractioneer.org</a> / @jpanzer<br>
</font></blockquote></div><br><br clear="all"><br></div></div>-- <br><div><div></div><div class="h5">Chris Messina<br>Open Web Advocate<br><br>Personal: <a href="http://factoryjoe.com" target="_blank">http://factoryjoe.com</a><br>
Follow me on Twitter: <a href="http://twitter.com/chrismessina" target="_blank">http://twitter.com/chrismessina</a><br>
<br>Citizen Agency: <a href="http://citizenagency.com" target="_blank">http://citizenagency.com</a><br>Diso Project: <a href="http://diso-project.org" target="_blank">http://diso-project.org</a><br>OpenID Foundation: <a href="http://openid.net" target="_blank">http://openid.net</a><br>
<br>This email is: [ ] shareable [X] ask first [ ] private<br>
</div></div></blockquote></div><br></div></div>