That's pretty much it. Modulo security discussions about tls and/or the xrd signature mechanism. And caching.
I think the underpinnings for this are pretty stable. I don't think there is an openid link relation or security profile defined yet. On Sunday, January 24, 2010, Paul E. Jones <[email protected]> wrote: > > > > > > > > > > > > > > David, > > > > I like that. This has a lot of promise for things far beyond > OpenID. > > > > If I understand the mechanics, it would work like this: > > > > On Packetizer, we would have a URL like this defined: > > > > http://packetizer.com/.well-known/host-meta > > > > Hitting that page will return an XML document called > "XRD" (not to be confused with XRDS used in OpenID right now). > > > > The document might look like this: > > > > > > > > <?xml version='1.0' encoding='UTF-8'?> > <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0' > xmlns:hm='http://host-meta.net/xrd/1.0'> > > > <hm:Host>packetizer.com</hm:Host> > > <Link rel='lrdd' > > template='http://www.packetizer.com/describe?uri={uri}'> > > <Title>Resource Descriptor</Title> > </Link> > </XRD> > > > > > > > > What is proposing is that email-style addresses would be assumed > to be a new URI type called "acct". So, my URI would be > acct:[email protected] <acct%[email protected]>. The OpenID RP > would then issue this query to > Packetizer: > > > > http://www.packetizer.com/describe?uri=acct%3Apaulej%40packetizer.com > > > > This would return another XRD document with stuff specifically > about me: > > > > > > > > <?xml version='1.0' encoding='UTF-8'?> > <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> > > > <Subject>acct:[email protected]</Subject> > > <Alias>http://www.packetizer.com/people/paulej/</Alias> > > <Link > rel='http://specs.openid.net/auth/2.0/signon' > > href='http://openid.packetizer.com/paulej' /> > </XRD> > > > > > > > > There may be any number of "Link" elements pointing to > all kinds of information related to me. > > > > Is that the basic idea? How far along is this work? > I saw several I-Ds written by Eran Hammer-Lahav, but they were > information. I guess I should go ask him ;-) > > > > In any case, is this proposal gaining support in the OpenID > community? > > > > Paul > > > > > > > > > > From: David Recordon > [mailto:[email protected]] > Sent: Saturday, January 23, 2010 11:46 PM > To: Paul E. Jones > Cc: [email protected]; [email protected] > Subject: Re: Email Address to URL Transformation > > > > > > > > Hey Paul, > > > > Check out Web Finger (http://code.google.com/p/webfinger/). > They're tackling all of the discovery bits. > > > > > > > > > > > > --David > > > > On Sat, Jan 23, 2010 at 6:08 PM, Paul E. Jones <[email protected]> wrote: > > > > > > Folks, > > > > I had asked about this a couple of years > ago and I noted that a few others have also inquired about it. > > > > What I had proposed before was a > translation using NAPTR records in DNS. For example, for my own ID > (http://openid.packetizer.com/paulej) > would be translated using the NAPTR record as shown below: > > > > @ IN NAPTR 100 > 10 "u" "E2U+OpenID" > "!^(.+)@packetizer.com$!http://openid.packetizer.com/\\1!i"; > . > > > > I actually put this record into the DNS > for packetizer.com, so you > can see it. This does a simple translation from an email address style to > a URL. It has the proposed service type “E2U+OpenID”. > Using NAPTR records and email addresses would be entirely optional, of course: > some users may not have the same OP as the entity providing email > service. But, I think this would be very useful for those who do, > including any enterprises that might want to use OpenID internally. > > > > What was the final outcome of this or is > it still under discussion? > > > > Paul > > > > > > > > > > From: [email protected] > [mailto:[email protected]] > On Behalf Of David Recordon > Sent: Sunday, November 09, 2008 5:51 PM > To: [email protected] > Cc: [email protected] > Subject: Re: Email Address to URL Transformation > > > > > > > > > > > > Hey > Arshad, > > > > This > is now something we're talking about supporting in OpenID Authentication 2.1 > though it isn't yet clear whether it will support a transformation technique > like EAUT or something else. > > > > > > > > > > > > --David > > > > > > > > > > > > On > Aug 12, 2008, at 5:35 PM, Arshad Khan wrote: > > > > > > > > > > > > Does OpenID 2.0 support > ‘Email Address to URL Transformation (EAUT)? > > > > > > > > > > > > There is some info on this page > of what EAUT is: > > > > > > > > > > > > > -- -- John Panzer / Google [email protected] / abstractioneer.org / @jpanzer _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
