<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Webfinger is a profile of LRDD that allows this new thing called an account URI (We shall make the assumption for the moment that it gets registered and is a URI) to be resolved via LRDD to a XRD.<div><br></div><div>The important thing WebFinger provides is a way to determine the root of authority for a Acct URI. (The host to start discovery on)</div><div><br></div><div>In principal any URI with a host segment can use LRDD to get a XRD. </div><div><br></div><div>I suppose other types of URI could define some other root for discovery as well. </div><div><br></div><div>So if openID supports LRDD then normalization rules for Acct: and other URI schemes could be specified so that they to can be resolved to a XRD.</div><div><br></div><div>The question will be for the core protocol what to use as the claimed_id. </div><div><br></div><div>There are three schools of thought.</div><div>1 The normalized input identifier</div><div>2 The Subject of the XRD</div><div>3 The claimed_id that the OP returns.</div><div><br></div><div>There are arguments to be made for all three.</div><div><br></div><div>I expect this to be addressed in the WG.</div><div><br></div><div>John B.<br><div><div>On 2010-05-12, at 12:34 PM, Santosh Rajan wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">Starting a new thread here based on an earlier one quoted below.<div><br></div><div>Let us reconsider the definition of OpenID for V.next. I would like to see a new definition for OpenID.</div><div><br></div><div>"An OpenID is Any Valid URI that can be resolved to it's Descriptor".</div>
<div><br></div><div>Now let me give a little explanation on the above, with a few points.</div><div>1) Existing OpenID's version 1 and 2 are compatible with the above definition. (http(s) OpenId's version 1 and 2 do resolve to their descriptor's)</div>
<div>2) Email like identifiers are compatible with the above definition with the webfinger protocol, and ofcourse resolve to their descriptor's.</div><div><br></div><div>Now any other future protocol that can make its URI resolvable to a descriptor, will also be a Valid OpenID. Let me give an example.</div>
<div><br></div><div>According to the above definition we can make "tag URI's" valid OpenID's, as long as we have a protocol to resolve this URI to its's descriptor.</div><div><span class="Apple-style-span" style="font-family: sans-serif; font-size: 13px; line-height: 19px; "><pre style="padding-top: 1em; padding-right: 1em; padding-bottom: 1em; padding-left: 1em; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-style: dashed; border-right-style: dashed; border-bottom-style: dashed; border-left-style: dashed; border-top-color: rgb(47, 111, 171); border-right-color: rgb(47, 111, 171); border-bottom-color: rgb(47, 111, 171); border-left-color: rgb(47, 111, 171); color: black; background-color: rgb(249, 249, 249); line-height: 1.1em; font-family: monospace, sans-serif; "><a href="mailto:tag%3Auser@example.com">tag:user@example.com</a>,2007-11-02:Tag_URI</pre></span><div class="gmail_quote"><br></div><div class="gmail_quote">Now as far as I am concerned tag URI's are even better as OpenID's, because they are unique over space and time.</div>
<div class="gmail_quote"><br></div><div class="gmail_quote">Webfinger support for tag URI's anyone? :-)</div><div class="gmail_quote"><br></div><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Paul E. Jones</b> <span dir="ltr"><<a href="mailto:paulej@packetizer.com">paulej@packetizer.com</a>></span><br>
Date: Wed, May 12, 2010 at 8:11 AM<br>Subject: RE: Draft charter for v.Next Attributes working group<br>To: Santosh Rajan <<a href="mailto:santrajan@gmail.com">santrajan@gmail.com</a>><br>Cc: Mike Jones <<a href="mailto:Michael.Jones@microsoft.com">Michael.Jones@microsoft.com</a>>, <a href="mailto:jsmarr@stanfordalumni.org">jsmarr@stanfordalumni.org</a>, <a href="mailto:openid-specs@lists.openid.net">openid-specs@lists.openid.net</a>, <a href="mailto:tech-comm@openid.net">tech-comm@openid.net</a><br>
<br><br>
<div lang="EN-US" link="blue" vlink="purple">
<div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Santosh,</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Why not store the claimed ID in the webfinger (LRDD) XRD
document?</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">The objective, I would hope, is to make it easier to log into
web sites. Email-style identifiers make that easier, but the system does
not have to be built around those.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">So, I sign up with a service provider. Let’s just
use my own site as an example. I am assigned an email address <a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>. Behind the
scenes, I am also assign an OpenID ID <a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>.
Now, when I visit a web site, I can type ‘<a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>’
and the site can perform a webfinger query to discovery by OpenID ID. We
would define a link relation (something we’ve talked about before) that
represents openid. It could be <a href="http://openid.net/identity" target="_blank">http://openid.net/identity</a>
or it could be simply “openid” (since link relations need not be
URIs). Looking at the href of the “openid” link relation, one
would find my OpenID URI <a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Now, should I wish to have a different email provider than my
openid provider, that’s fine: I could change the record associated with
the openid link relation to contain a different OpenID identifier.
Alternatively, I could just get an account at <a href="http://someopenidop.com/" target="_blank">someopenidop.com</a> and they might
assign an e-mail style address like <a href="mailto:paulej@someopenidop.com" target="_blank">paulej@someopenidop.com</a>
and perform the Webfinger resolution behind the scenes.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Anyway, issue this request:</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier New";color:#1F497D">$ curl <a href="http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com" target="_blank">http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com</a></span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">You’ll see the link relation for my claimed ID:</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier New";color:#1F497D"><Link rel="<a href="http://openid.net/identity" target="_blank">http://openid.net/identity</a>"</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier New";color:#1F497D"> href="<a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>"/></span><span style="font-size:11.0pt;color:#1F497D"></span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">It does introduce another protocol, but I think these play
nicely together. The real identity would remain the URL that OpenID uses
today. The email identifier would just be an alias for it.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Paul</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br class="webkit-block-placeholder"></div>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt">From:</span></b><span style="font-size:10.0pt"> Santosh Rajan
[mailto:<a href="mailto:santrajan@gmail.com" target="_blank">santrajan@gmail.com</a>] <br>
<b>Sent:</b> Tuesday, May 11, 2010 12:39 PM<br>
<b>To:</b> Paul E. Jones<br>
<b>Cc:</b> Mike Jones; <a href="mailto:jsmarr@stanfordalumni.org" target="_blank">jsmarr@stanfordalumni.org</a>;
<a href="mailto:openid-specs@lists.openid.net" target="_blank">openid-specs@lists.openid.net</a>; <a href="mailto:tech-comm@openid.net" target="_blank">tech-comm@openid.net</a><br>
<b>Subject:</b> Re: Draft charter for v.Next Attributes working group</span></p>
</div>
</div><div><div></div><div class="h5"><div> <br class="webkit-block-placeholder"></div><div style="margin-bottom: 12pt; "> <br class="webkit-block-placeholder"></div>
<div><p class="MsoNormal">On Tue, May 11, 2010 at 8:55 AM, Paul E. Jones <<a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>> wrote:</p>
<div>
<div><div><span><span style="font-size:11.5pt;color:#1F497D"> </span></span><br class="webkit-block-placeholder"></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Adding support for email-style addresses
is something I like, but something that can be provided via webfinger.
Thus, no change to the base protocol.</span></p><div> <br class="webkit-block-placeholder"></div>
</div>
</div>
<div><div> <br class="webkit-block-placeholder"></div>
</div>
<div><p class="MsoNormal">I beg to disagree here. I think the base protocol needs to
address the issue of email like identifiers. I would like to see that email
like identifiers are valid OpenID claimed id's.</p>
</div>
<div><p class="MsoNormal">So something like acct:example @ <a href="http://example.com/" target="_blank">example.com</a>
should be a valid OpenID claimed_id.</p>
</div>
<div><div> <br class="webkit-block-placeholder"></div>
</div>
<div><p class="MsoNormal">Also this discussion should not be in this thread (about
attributes) and maybe someone could start a new thread on this subject.</p>
</div>
<div><div> <br class="webkit-block-placeholder"></div>
</div>
<div><p class="MsoNormal">Thanks</p>
</div>
<div><p class="MsoNormal">Santosh</p>
</div>
<div><div> <br class="webkit-block-placeholder"></div>
</div>
<div><div> <br class="webkit-block-placeholder"></div>
</div>
</div><p class="MsoNormal" style="margin-bottom:12.0pt"><a href="http://hi.im/santosh" target="_blank">http://hi.im/santosh</a><br>
<br>
</p>
</div></div></div>
</div>
</div>
</div><br><br clear="all"><br>-- <br><a href="http://hi.im/santosh">http://hi.im/santosh</a><br><br><br>
</div>
_______________________________________________<br>specs mailing list<br><a href="mailto:specs@lists.openid.net">specs@lists.openid.net</a><br>http://lists.openid.net/mailman/listinfo/openid-specs<br></blockquote></div><br></div></body></html>