I will vote for the Subject of the XRD to be the claimed_id. It only seems natural, and clean to do that. <br><br><div class="gmail_quote">On Thu, May 13, 2010 at 3:17 AM, John Bradley <span dir="ltr"><<a href="mailto:john.bradley@wingaa.com">john.bradley@wingaa.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div style="word-wrap:break-word"><div><br></div><div>So if openID supports LRDD then normalization rules for Acct: and other URI schemes could be specified so that they to can be resolved to a XRD.</div>
<div><br></div><div>The question will be for the core protocol what to use as the claimed_id. </div><div><br></div><div>There are three schools of thought.</div><div>1 The normalized input identifier</div><div>2 The Subject of the XRD</div>
<div>3 The claimed_id that the OP returns.</div><div><br></div><div>There are arguments to be made for all three.</div><div><br></div><div>I expect this to be addressed in the WG.</div><div><br></div></div></blockquote><div>
</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div style="word-wrap:break-word"><div></div><div><div><div><div></div><div class="h5"><div>On 2010-05-12, at 12:34 PM, Santosh Rajan wrote:</div>
<br></div></div><blockquote type="cite"><div><div></div><div class="h5">Starting a new thread here based on an earlier one quoted below.<div><br></div><div>Let us reconsider the definition of OpenID for V.next. I would like to see a new definition for OpenID.</div>
<div><br></div><div>"An OpenID is Any Valid URI that can be resolved to it's Descriptor".</div>
<div><br></div><div>Now let me give a little explanation on the above, with a few points.</div><div>1) Existing OpenID's version 1 and 2 are compatible with the above definition. (http(s) OpenId's version 1 and 2 do resolve to their descriptor's)</div>
<div>2) Email like identifiers are compatible with the above definition with the webfinger protocol, and ofcourse resolve to their descriptor's.</div><div><br></div><div>Now any other future protocol that can make its URI resolvable to a descriptor, will also be a Valid OpenID. Let me give an example.</div>
<div><br></div><div>According to the above definition we can make "tag URI's" valid OpenID's, as long as we have a protocol to resolve this URI to its's descriptor.</div><div><span style="font-family:sans-serif;font-size:13px;line-height:19px"><pre style="padding-top:1em;padding-right:1em;padding-bottom:1em;padding-left:1em;border-top-width:1px;border-right-width:1px;border-bottom-width:1px;border-left-width:1px;border-top-style:dashed;border-right-style:dashed;border-bottom-style:dashed;border-left-style:dashed;border-top-color:rgb(47, 111, 171);border-right-color:rgb(47, 111, 171);border-bottom-color:rgb(47, 111, 171);border-left-color:rgb(47, 111, 171);color:black;background-color:rgb(249, 249, 249);line-height:1.1em;font-family:monospace, sans-serif">
<a href="mailto:tag%3Auser@example.com" target="_blank">tag:user@example.com</a>,2007-11-02:Tag_URI</pre></span><div class="gmail_quote"><br></div><div class="gmail_quote">Now as far as I am concerned tag URI's are even better as OpenID's, because they are unique over space and time.</div>
<div class="gmail_quote"><br></div><div class="gmail_quote">Webfinger support for tag URI's anyone? :-)</div><div class="gmail_quote"><br></div><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Paul E. Jones</b> <span dir="ltr"><<a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>></span><br>
Date: Wed, May 12, 2010 at 8:11 AM<br>Subject: RE: Draft charter for v.Next Attributes working group<br>To: Santosh Rajan <<a href="mailto:santrajan@gmail.com" target="_blank">santrajan@gmail.com</a>><br>Cc: Mike Jones <<a href="mailto:Michael.Jones@microsoft.com" target="_blank">Michael.Jones@microsoft.com</a>>, <a href="mailto:jsmarr@stanfordalumni.org" target="_blank">jsmarr@stanfordalumni.org</a>, <a href="mailto:openid-specs@lists.openid.net" target="_blank">openid-specs@lists.openid.net</a>, <a href="mailto:tech-comm@openid.net" target="_blank">tech-comm@openid.net</a><br>
<br><br>
<div lang="EN-US" link="blue" vlink="purple">
<div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Santosh,</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Why not store the claimed ID in the webfinger (LRDD) XRD
document?</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">The objective, I would hope, is to make it easier to log into
web sites. Email-style identifiers make that easier, but the system does
not have to be built around those.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">So, I sign up with a service provider. Let’s just
use my own site as an example. I am assigned an email address <a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>. Behind the
scenes, I am also assign an OpenID ID <a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>.
Now, when I visit a web site, I can type ‘<a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>’
and the site can perform a webfinger query to discovery by OpenID ID. We
would define a link relation (something we’ve talked about before) that
represents openid. It could be <a href="http://openid.net/identity" target="_blank">http://openid.net/identity</a>
or it could be simply “openid” (since link relations need not be
URIs). Looking at the href of the “openid” link relation, one
would find my OpenID URI <a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal">
<span style="font-size:11.0pt;color:#1F497D">Now, should I wish to have a different email provider than my
openid provider, that’s fine: I could change the record associated with
the openid link relation to contain a different OpenID identifier.
Alternatively, I could just get an account at <a href="http://someopenidop.com/" target="_blank">someopenidop.com</a> and they might
assign an e-mail style address like <a href="mailto:paulej@someopenidop.com" target="_blank">paulej@someopenidop.com</a>
and perform the Webfinger resolution behind the scenes.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Anyway, issue this request:</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier New";color:#1F497D">$ curl <a href="http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com" target="_blank">http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com</a></span></p>
<div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">You’ll see the link relation for my claimed ID:</span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier New";color:#1F497D"><Link rel="<a href="http://openid.net/identity" target="_blank">http://openid.net/identity</a>"</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier New";color:#1F497D"> href="<a href="http://openid.packetizer.com/paulej" target="_blank">http://openid.packetizer.com/paulej</a>"/></span><span style="font-size:11.0pt;color:#1F497D"></span></p>
<div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">It does introduce another protocol, but I think these play
nicely together. The real identity would remain the URL that OpenID uses
today. The email identifier would just be an alias for it.</span></p><div><span style="font-size:11.0pt;color:#1F497D"> </span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Paul</span></p><div>
<span style="font-size:11.0pt;color:#1F497D"> </span><br></div>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt">From:</span></b><span style="font-size:10.0pt"> Santosh Rajan
[mailto:<a href="mailto:santrajan@gmail.com" target="_blank">santrajan@gmail.com</a>] <br>
<b>Sent:</b> Tuesday, May 11, 2010 12:39 PM<br>
<b>To:</b> Paul E. Jones<br>
<b>Cc:</b> Mike Jones; <a href="mailto:jsmarr@stanfordalumni.org" target="_blank">jsmarr@stanfordalumni.org</a>;
<a href="mailto:openid-specs@lists.openid.net" target="_blank">openid-specs@lists.openid.net</a>; <a href="mailto:tech-comm@openid.net" target="_blank">tech-comm@openid.net</a><br>
<b>Subject:</b> Re: Draft charter for v.Next Attributes working group</span></p>
</div>
</div><div><div></div><div><div> <br></div><div style="margin-bottom:12pt"> <br></div>
<div><p class="MsoNormal">On Tue, May 11, 2010 at 8:55 AM, Paul E. Jones <<a href="mailto:paulej@packetizer.com" target="_blank">paulej@packetizer.com</a>> wrote:</p>
<div>
<div><div><span><span style="font-size:11.5pt;color:#1F497D"> </span></span><br></div><p class="MsoNormal"><span style="font-size:11.0pt;color:#1F497D">Adding support for email-style addresses
is something I like, but something that can be provided via webfinger.
Thus, no change to the base protocol.</span></p><div> <br></div>
</div>
</div>
<div><div> <br></div>
</div>
<div><p class="MsoNormal">I beg to disagree here. I think the base protocol needs to
address the issue of email like identifiers. I would like to see that email
like identifiers are valid OpenID claimed id's.</p>
</div>
<div><p class="MsoNormal">So something like acct:example @ <a href="http://example.com/" target="_blank">example.com</a>
should be a valid OpenID claimed_id.</p>
</div>
<div><div> <br></div>
</div>
<div><p class="MsoNormal">Also this discussion should not be in this thread (about
attributes) and maybe someone could start a new thread on this subject.</p>
</div>
<div><div> <br></div>
</div>
<div><p class="MsoNormal">Thanks</p>
</div>
<div><p class="MsoNormal">Santosh</p>
</div>
<div><div> <br></div>
</div>
<div><div> <br></div>
</div>
</div><p class="MsoNormal" style="margin-bottom:12.0pt"><a href="http://hi.im/santosh" target="_blank">http://hi.im/santosh</a><br>
<br>
</p>
</div></div></div>
</div>
</div>
</div><br><br clear="all"><br>-- <br><a href="http://hi.im/santosh" target="_blank">http://hi.im/santosh</a><br><br><br>
</div></div></div>
_______________________________________________<br>specs mailing list<br><a href="mailto:specs@lists.openid.net" target="_blank">specs@lists.openid.net</a><br><a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a><br>
</blockquote></div><br></div></div></blockquote></div><br><br clear="all"><br>-- <br><a href="http://hi.im/santosh">http://hi.im/santosh</a><br><br><br>