<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:odc="urn:schemas-microsoft-com:office:odc" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:rtc="http://microsoft.com/officenet/conferencing" xmlns:D="DAV:" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:mt="http://schemas.microsoft.com/sharepoint/soap/meetings/" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ppda="http://www.passport.com/NameSpace.xsd" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcs="http://schemas.microsoft.com/data/udc/soap" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:udcp2p="http://schemas.microsoft.com/data/udc/parttopart" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:dsss="http://schemas.microsoft.com/office/2006/digsig-setup" xmlns:dssi="http://schemas.microsoft.com/office/2006/digsig" xmlns:mdssi="http://schemas.openxmlformats.org/package/2006/digital-signature" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:spwp="http://microsoft.com/sharepoint/webpartpages" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:pptsl="http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/" xmlns:spsl="http://microsoft.com/webservices/SharePointPortalServer/PublishedLinksService" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<base href="x-msg://78/">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.apple-style-span
{mso-style-name:apple-style-span;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple style='word-wrap: break-word;
-webkit-nbsp-mode: space;-webkit-line-break: after-white-space'>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>John,<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The XRD document (from WebFinger) would merely specify the
current OpenID 2.0 URI as the claimed_id. There is work to perform the
WebFinger resolution, but I think WebFinger is going to be widely supported and
it’s certainly trivial.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Once the Webfinger query is performed, the rest is precisely as
specified in OpenID 2.0. So, the only additional complexity I’m
proposing is the addition of WebFinger.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Requiring RPs and OPs to understand both OpenID 2.0 and a
completely different OpenID 3.0 seems like a lot more work to me. With
what I’m suggesting, the current URI continues to be used as it is, but
the end user utilizes an email-style address.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Further, using Webfinger also allows one to specify an OpenID
URI (if one so chose) that points to a different service provider than the one
that provides email services. I doubt most users would do this, as I
suspect most would just use their email provider. But, anybody setting up
their own hosting account would likely want to refer to a third-party OP.
So, the flexibility offered by Webfinger is nice.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>What I’d really like is “the best of all worlds”.
I want to minimize the changes to existing RP and OP software, allow users
to use email-style addresses, and allow users to specify their OP independently
of their email provider. I think Webfinger + OpenID 2.0 does those
things.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Paul<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> John Bradley
[mailto:john.bradley@wingaa.com] <br>
<b>Sent:</b> Thursday, May 13, 2010 10:55 PM<br>
<b>To:</b> Paul E. Jones<br>
<b>Cc:</b> 'Santosh Rajan'; openid-specs@lists.openid.net<br>
<b>Subject:</b> Re: OpenID V.Next - Some Views to Consider<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Having the XRD point to a XRDS is possible but would greatly
complicate the discovery process.<o:p></o:p></p>
<div>
<p class=MsoNormal>It also entrenches the problem of having to put the OP
parameters in every XRDS.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>I don't think that is likely to be accepted.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>It is expected that OP would continue providing service via
openID 2.0 perhaps dropping 1.1 due to security issues. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>Where a OP is providing openID 2.0 and v.Next services I can
see an argument for using http: URL for claimedID as that lets a openID 2.0 RP
migrate without changing claimed ID. However if a OP is
v.Next only it may be reasonable or them to use acct: or other URI schemes.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>That will have to be decided by the committee. <o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>My belief is that option should be under the control of the
user or OP not mandated by the spec. Certainly for openID 2.0 a
http: scheme URI needs to continue to be supported.<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal>John B.<o:p></o:p></p>
</div>
<div>
<div>
<div>
<p class=MsoNormal>On 2010-05-13, at 10:31 PM, Paul E. Jones wrote:<o:p></o:p></p>
</div>
<p class=MsoNormal><br>
<br>
<o:p></o:p></p>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>John,</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>To your first part:</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I very much like the idea of being able to use an email-form of
‘identifier’ when logging into a site, but I would prefer to enable
that while also maintaining compatibility with OpenID 2.0. That is, use
only those identifiers specified in the current 2.0 spec.</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>As I’m not involved in the WG itself, I guess I fall into
the category of those in the public interested in having an open/free
solution. At the same time, I’d like an open/free solution that is
not fragmented by multiple versions that do not work properly from site to site
due to a decision to break backward-compatibility. I’m really
bothered about that decision, as I just don’t think OpenID 2.0 is that
hard to implement. Further, extending OpenID through artifact binding and
using WebFinger should help keep the base spec simple. The WebFinger
addition would likely be code used for a variety of purposes and would execute
as a step before current OpenID RP code kicks in. The artifact binding
appears to be a logical and clean way to exchange a lot more information, all
of which is optional.</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>To the second part:</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Step 6 could refer to the OpenID Provider, but if that value was
the OpenID URI used today, then the provider can be derived as it is done
today: no changes to current OpenID RP code. I suppose it could be either
way and it does not matter a whole lot, but having the claimed ID there would
at least save the user a step since the RP would be able to present that
claimed ID to the OP. Thus, I would not have to re-key my identity.
The OP could display a friendlier form of identity, too. On my own
server, I don’t ask for or display the entire URL when logging in, just
‘paulej’. I keep the URI complexity out of my face.</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Paul</span><o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt;
border-width:initial;border-color:initial'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in;
border-width:initial;border-color:initial'>
<div>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
class=apple-converted-space><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span></span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>John Bradley
[mailto:john.bradley@wingaa.com]<span class=apple-converted-space> </span><br>
<b>Sent:</b><span class=apple-converted-space> </span>Thursday, May 13,
2010 2:40 PM<br>
<b>To:</b><span class=apple-converted-space> </span>Paul E. Jones<br>
<b>Cc:</b><span class=apple-converted-space> </span>'Santosh Rajan';<span
class=apple-converted-space> </span><a
href="mailto:openid-specs@lists.openid.net">openid-specs@lists.openid.net</a><br>
<b>Subject:</b><span class=apple-converted-space> </span>Re: OpenID V.Next
- Some Views to Consider</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
<div>
<div>
<p class=MsoNormal>Paul,<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<p class=MsoNormal>I am going to split my answer into two parts.<o:p></o:p></p>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>The focus of this discussion needs to be on the charter of
the Discovery WG and it;s scope.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>The specs list is a way for people to comment on the
charter. The work will be done on a separate mailing list subject to the
OIDF IPR policy.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>We want the results of the spec process to be open and free
of patent issues especially from the participants.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>People participating in the Discovery work will agree to
contribute any IPR they hold with respect to the final output.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>Discussions on this list provide no IPR protection for the
community. <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>I think we have determined that we want the charter to allow
exploring the inclusion of non http: identifiers as input to the
discovery process.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>An example of that would be the acct: URI used by webfinger.
That is consideration not a guaranteed inclusion, this is
only the charter scope.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>This discussion got onto the topic of allowing non http: URI
as claimed ID. Should the scope of the charter include considering that.
as an option.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>I think some people have interpreted your comments as
wanting the charter to restrict claimed_id to only http: scheme URI.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>I think Santosh and others want the WG to consider allowing
that.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>If you are in agreement with allowing that in the scope of
the WG charter then I think we can close that part of the discussion.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>That is only saying it can be considered not that it will be
included in the final spec.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>The Second part of my answer is that you are close.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>Step 6 is a URI for the openID service not the users
claimed_id as it has been discussed to my knowledge.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>That is part of what the WG needs to decide. <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>That link will need a discovery step to get the parameters
for the OP.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>There may be elements defined for the XRD that indicate what
the localID or alias is at the OP and other overrides for delegation.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>That will be up to the Discovery WG to determine.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>Regards<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>John B.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>On 2010-05-13, at 12:00 PM, Paul E. Jones wrote:<o:p></o:p></p>
</div>
</div>
<div>
<p class=MsoNormal><br>
<br>
<br>
<o:p></o:p></p>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>John,</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Perhaps we need to walk through this so that I don’t get
confused.</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I had assumed it would work this way:</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>1) I enter<span class=apple-converted-space> </span><a
href="mailto:paulej@packetizer.com">paulej@packetizer.com</a><span
class=apple-converted-space> </span>into the RP’s login window</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>2) The RP would assume this is acct:paulej@packetizer.com</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>3) The RP would query<span class=apple-converted-space> </span><a
href="http://www.packetizer.com/.well-known/host-meta">http://www.packetizer.com/.well-known/host-meta</a><span
class=apple-converted-space> </span>to get an XRD document that contains
an lrdd link relation with, for example, an href="<a
href="http://www.packetizer.com/lrdd/?uri=%7buri%7d">http://www.packetizer.com/lrdd/?uri={uri}</a>"</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>4) The RP would then query the LRDD link with the acct: URI</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>5) The would return another XRD document with a <Subject>
of acct:paulej@packetizer.com, and a <Link> with a link relation value of
“openid” (or whatever the group wants to define)</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>6) The href associated with the above <Link> would be the
user’s claimed ID.</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>At this point, the RP has an OpenID claimed ID, just as if the user
had entered that value into the current OpenID login box to begin with.</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>BTW, all of this is functioning on my site now if you want to
actually issue queries to see the results. It’s not being used for
anything right now, but I implemented it just for the heck of it :-)</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>So, if you’re suggesting the mapping from<span
class=apple-converted-space> </span><a href="mailto:paulej@packetizer.com">paulej@packetizer.com</a><span
class=apple-converted-space> </span>to claimed ID would work differently,
what steps are you proposing to be taken?</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Paul</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
<div style='border:none;border-left:solid windowtext 3.0pt;padding:0in 0in 0in 4.0pt;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial'>
<div>
<div style='border:none;border-top:solid windowtext 3.0pt;padding:3.0pt 0in 0in 0in;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial'>
<div>
<div>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
class=apple-converted-space><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span></span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>John Bradley
[mailto:john.bradley@wingaa.com]<span class=apple-converted-space> </span><br>
<b>Sent:</b><span class=apple-converted-space> </span>Thursday, May 13,
2010 11:25 AM<br>
<b>To:</b><span class=apple-converted-space> </span>Paul E. Jones<br>
<b>Cc:</b><span class=apple-converted-space> </span>'Santosh Rajan';<span
class=apple-converted-space> </span><a
href="mailto:openid-specs@lists.openid.net">openid-specs@lists.openid.net</a><br>
<b>Subject:</b><span class=apple-converted-space> </span>Re: OpenID V.Next
- Some Views to Consider</span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal>The openID link relation is to your openID service eg Google
not your claimed_id.<o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal>The <Subject> of the XRD is the name of the thing you
are looking up.<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal>If you input <span class=apple-style-span><span
style='font-size:11.5pt;font-family:"Calibri","sans-serif";color:#1F497D'><a
href="mailto:paulej@packetizer.com">paulej@packetizer.com</a> </span></span><span
class=apple-style-span><span style='font-size:9.0pt;color:black'>into a LRDD
resolution process and use webfinger for normalization you will get a XRD.</span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>That XRD may have the
<Subject> </span></span><span class=apple-style-span><span
style='font-size:10.0pt;font-family:"Courier New";color:#1F497D'><a
href="http://openid.packetizer.com/paulej">http://openid.packetizer.com/paulej</a> </span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>That would be up to you or
your OP to decide. </span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>I think Santosh wants to
allow you the option of having acct:paulej@packetizer.com as the subject of the
XRD.</span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>This leads to questions about
what the core protocol is validating. Is it the claimed_id or the
openid.identity. </span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>Do we need both, is
delegation supported, and if so how, etc.</span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>I think the WG needs to
consider what impact having non http/https URI as claimed ID has on the overall
protocol.</span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>I don't want to restrict the
WG from considering the issue via the charter.</span></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span class=apple-style-span><span style='font-size:9.0pt;
font-family:"Helvetica","sans-serif";color:black'>John B.</span></span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>On 2010-05-13, at 10:51 AM, Paul E. Jones wrote:<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<p class=MsoNormal><br>
<br>
<br>
<br>
<o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Santosh,</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The subject of<span class=apple-converted-space> </span><a
href="mailto:paulej@packetizer.com">paulej@packetizer.com</a><span
class=apple-converted-space> </span>is what?</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>If that can be assumed to be acct:paulej@packetizer.com, then
when WebFinger is employed, the Subject of the XRD document is
acct:paulej@packetizer.com. That’s not what I want.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Inside the XRD document should be a link like this:</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Courier New";
color:#1F497D'><Link rel="openid" href="<a
href="http://openid.packetizer.com/paulej">http://openid.packetizer.com/paulej</a>"/></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>The link relation value is still subject to debate, but
that’s what I think we should use to identify the claimed ID.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Paul</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
<div style='border:none;border-left:solid windowtext 3.0pt;padding:0in 0in 0in 4.0pt;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial;border-width:initial;border-color:initial'>
<div>
<div style='border:none;border-top:solid windowtext 3.0pt;padding:3.0pt 0in 0in 0in;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial;border-width:initial;border-color:initial'>
<div>
<div>
<div>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
class=apple-converted-space><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span></span><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><a
href="mailto:openid-specs-bounces@lists.openid.net">openid-specs-bounces@lists.openid.net</a><span
class=apple-converted-space> </span>[mailto:openid-specs-bounces@lists.openid.net]<span
class=apple-converted-space> </span><b>On Behalf Of<span
class=apple-converted-space> </span></b>Santosh Rajan<br>
<b>Sent:</b><span class=apple-converted-space> </span>Thursday, May 13,
2010 1:50 AM<br>
<b>To:</b><span class=apple-converted-space> </span>John Bradley<br>
<b>Cc:</b><span class=apple-converted-space> </span><a
href="mailto:openid-specs@lists.openid.net">openid-specs@lists.openid.net</a><br>
<b>Subject:</b><span class=apple-converted-space> </span>Re: OpenID V.Next
- Some Views to Consider</span><o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'>I will vote for the Subject of
the XRD to be the claimed_id. It only seems natural, and clean to do that. <o:p></o:p></p>
<div>
<div>
<div>
<div>
<p class=MsoNormal>On Thu, May 13, 2010 at 3:17 AM, John Bradley <<a
href="mailto:john.bradley@wingaa.com">john.bradley@wingaa.com</a>> wrote:<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>So if openID supports LRDD then normalization rules for
Acct: and other URI schemes could be specified so that they to can be resolved
to a XRD.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>The question will be for the core protocol what to use as
the claimed_id. <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>There are three schools of thought.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>1 The normalized input identifier<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>2 The Subject of the XRD<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>3 The claimed_id that the OP returns.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>There are arguments to be made for all three.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>I expect this to be addressed in the WG.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<blockquote style='border:none;border-left:solid windowtext 3.0pt;padding:0in 0in 0in 6.0pt;
margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial;border-width:initial;border-color:initial'>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>On 2010-05-12, at 12:34 PM, Santosh Rajan wrote:<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Starting a new thread here based on an earlier one quoted
below.<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Let us reconsider the definition of OpenID for V.next. I
would like to see a new definition for OpenID.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>"An OpenID is Any Valid URI that can be resolved to
it's Descriptor".<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Now let me give a little explanation on the above, with a
few points.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>1) Existing OpenID's version 1 and 2 are compatible with the
above definition. (http(s) OpenId's version 1 and 2 do resolve to their
descriptor's)<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>2) Email like identifiers are compatible with the above
definition with the webfinger protocol, and ofcourse resolve to their
descriptor's.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Now any other future protocol that can make its URI
resolvable to a descriptor, will also be a Valid OpenID. Let me give an example.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>According to the above definition we can make "tag
URI's" valid OpenID's, as long as we have a protocol to resolve this URI
to its's descriptor.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div style='border:dashed #2F6FAB 1.0pt;padding:12.0pt 12.0pt 12.0pt 12.0pt;
background-image:initial;background-repeat:initial;background-attachment:initial;
-webkit-background-clip: initial;-webkit-background-origin: initial'><pre
style='line-height:13.2pt;background:#F9F9F9'><span style='color:black'> </span><o:p></o:p></pre><pre
style='line-height:13.2pt;background:#F9F9F9;background-image:initial;
background-repeat:initial;background-attachment:initial;-webkit-background-clip: initial;
-webkit-background-origin: initial;border-width:initial;border-color:initial;
background-position:initial initial'><span style='color:black'><a
href="mailto:tag%3Auser@example.com" target="_blank">tag:user@example.com</a>,2007-11-02:Tag_URI</span><o:p></o:p></pre></div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Now as far as I am concerned tag URI's are even better as
OpenID's, because they are unique over space and time.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Webfinger support for tag URI's anyone? :-)<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'>---------- Forwarded message
----------<br>
From:<span class=apple-converted-space> </span><b>Paul E. Jones</b><span
class=apple-converted-space> </span><<a
href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>><br>
Date: Wed, May 12, 2010 at 8:11 AM<br>
Subject: RE: Draft charter for v.Next Attributes working group<br>
To: Santosh Rajan <<a href="mailto:santrajan@gmail.com" target="_blank">santrajan@gmail.com</a>><br>
Cc: Mike Jones <<a href="mailto:Michael.Jones@microsoft.com" target="_blank">Michael.Jones@microsoft.com</a>>,<span
class=apple-converted-space> </span><a
href="mailto:jsmarr@stanfordalumni.org" target="_blank">jsmarr@stanfordalumni.org</a>,<span
class=apple-converted-space> </span><a
href="mailto:openid-specs@lists.openid.net" target="_blank">openid-specs@lists.openid.net</a>,<span
class=apple-converted-space> </span><a href="mailto:tech-comm@openid.net"
target="_blank">tech-comm@openid.net</a><br>
<br>
<br>
<br>
<br>
<o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Santosh,</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Why not store
the claimed ID in the webfinger (LRDD) XRD document?</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>The objective,
I would hope, is to make it easier to log into web sites. Email-style
identifiers make that easier, but the system does not have to be built around
those.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>So, I sign up
with a service provider. Let’s just use my own site as an
example. I am assigned an email address<span class=apple-converted-space> </span><a
href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>.
Behind the scenes, I am also assign an OpenID ID<span
class=apple-converted-space> </span><a
href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>.
Now, when I visit a web site, I can type ‘<a
href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>’
and the site can perform a webfinger query to discovery by OpenID ID. We
would define a link relation (something we’ve talked about before) that
represents openid. It could be<span class=apple-converted-space> </span><a
href="http://openid.net/identity" target="_blank">http://openid.net/identity</a><span
class=apple-converted-space> </span>or it could be simply
“openid” (since link relations need not be URIs). Looking at
the href of the “openid” link relation, one would find my OpenID
URI<a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Now, should I
wish to have a different email provider than my openid provider, that’s
fine: I could change the record associated with the openid link relation to
contain a different OpenID identifier. Alternatively, I could just get an
account at<span class=apple-converted-space> </span><a
href="http://someopenidop.com/" target="_blank">someopenidop.com</a><span
class=apple-converted-space> </span>and they might assign an e-mail style
address like<span class=apple-converted-space> </span><a
href="mailto:paulej@someopenidop.com" target="_blank">paulej@someopenidop.com</a><span
class=apple-converted-space> </span>and perform the Webfinger resolution
behind the scenes.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Anyway, issue
this request:</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Courier New";
color:#1F497D'>$ curl<span class=apple-converted-space> </span><a
href="http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com"
target="_blank">http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com</a></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>You’ll see
the link relation for my claimed ID:</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Courier New";
color:#1F497D'><Link rel="<a href="http://openid.net/identity"
target="_blank">http://openid.net/identity</a>"</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Courier New";
color:#1F497D'> href="<a
href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>"/></span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>It does
introduce another protocol, but I think these play nicely together. The
real identity would remain the URL that OpenID uses today. The email
identifier would just be an alias for it.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Paul</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div style='border:none;border-left:solid windowtext 3.0pt;padding:0in 0in 0in 4.0pt;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial;border-width:initial;border-color:initial'>
<div>
<div style='border:none;border-top:solid windowtext 3.0pt;padding:3.0pt 0in 0in 0in;
border-width:initial;border-color:initial;border-width:initial;border-color:
initial;border-width:initial;border-color:initial'>
<div>
<div>
<div>
<p class=MsoNormal><b><span style='font-size:10.0pt'>From:</span></b><span
class=apple-converted-space><span style='font-size:10.0pt'> </span></span><span
style='font-size:10.0pt'>Santosh Rajan [mailto:<a
href="mailto:santrajan@gmail.com" target="_blank">santrajan@gmail.com</a>]<span
class=apple-converted-space> </span><br>
<b>Sent:</b><span class=apple-converted-space> </span>Tuesday, May 11,
2010 12:39 PM<br>
<b>To:</b><span class=apple-converted-space> </span>Paul E. Jones<br>
<b>Cc:</b><span class=apple-converted-space> </span>Mike Jones;<span
class=apple-converted-space> </span><a
href="mailto:jsmarr@stanfordalumni.org" target="_blank">jsmarr@stanfordalumni.org</a>;<span
class=apple-converted-space> </span><a
href="mailto:openid-specs@lists.openid.net" target="_blank">openid-specs@lists.openid.net</a>;<span
class=apple-converted-space> </span><a href="mailto:tech-comm@openid.net"
target="_blank">tech-comm@openid.net</a><br>
<b>Subject:</b><span class=apple-converted-space> </span>Re: Draft charter
for v.Next Attributes working group</span><o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div style='margin-bottom:12.0pt'>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>On Tue, May 11, 2010 at 8:55 AM, Paul E. Jones <<a
href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>>
wrote:<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.5pt;color:#1F497D'> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Adding support
for email-style addresses is something I like, but something that can be
provided via webfinger. Thus, no change to the base protocol.</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>I beg to disagree here. I think the base protocol needs to
address the issue of email like identifiers. I would like to see that email
like identifiers are valid OpenID claimed id's.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>So something like acct:example @<span
class=apple-converted-space> </span><a href="http://example.com/"
target="_blank">example.com</a><span class=apple-converted-space> </span>should
be a valid OpenID claimed_id.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Also this discussion should not be in this thread (about
attributes) and maybe someone could start a new thread on this subject.<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Thanks<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<p class=MsoNormal>Santosh<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><a href="http://hi.im/santosh"
target="_blank">http://hi.im/santosh</a><o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
<br clear=all>
<br>
--<span class=apple-converted-space> </span><br>
<a href="http://hi.im/santosh" target="_blank">http://hi.im/santosh</a><br>
<br>
<br>
<br>
<br>
<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class=MsoNormal>_______________________________________________<br>
specs mailing list<br>
<a href="mailto:specs@lists.openid.net" target="_blank">specs@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a><o:p></o:p></p>
</div>
</div>
</div>
</blockquote>
</div>
<div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
<br clear=all>
<br>
--<span class=apple-converted-space> </span><br>
<a href="http://hi.im/santosh">http://hi.im/santosh</a><br>
<br>
<br>
<br>
<br>
<o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div>
<p class=MsoNormal> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</div>
</body>
</html>