I think there are two different things being described... (1) meta data
about the host (host-meta) and (2) meta data about the acct: identifier
(XRD returned from the webfinger template URI endpoint).
In this thread, that host-meta XRD only describes one service of the
host... webfinger. However, there is nothing stopping the host from also
adding a <Link> specifying that it is also an OpenID Provider. I agree
with Allen that this is valuable information. This doesn't preclude or
supersede the XRD returned for the user (based on the template URI
endpoint).
So, if an RP is looking to find the user's OP, then follow the webfinger
protocol. If the RP just wants to know if a domain supports OpenID it
can just look in the host-meta for that domain.
I don't think they conflict.
Thanks,
George
On 1/25/10 3:52 PM, Paul E. Jones wrote:
Allen,
Perhaps we're in agreement, but I wasn't clear.
I think OpenID RPs should be able to use XRD documents in order to discover
the user's login service -- I like this. What I would *not* want is for
that to be defined in this document:
http://yahoo.com/.well-known/host-meta
The reason is that this document is not user-specific and blankets
everything under the yahoo.com domain.
Rather, I'd want that to be in this document:
http://webfinger.yahooapis.com/?id={%id}
Or other document that allows the user to provide details about himself.
So, if I enter [email protected], RPs would still be directed to
http://openid.packetizer.com/paulej by querying the above document (or other
document) and finding some pointer to my OP.
Paul
-----Original Message-----
From: Allen Tom [mailto:[email protected]]
Sent: Monday, January 25, 2010 1:45 PM
To: Paul E. Jones
Cc: [email protected]; [email protected]; 'John Panzer'
Subject: Re: Email Address to URL Transformation
Hi Paul -
This assumes that every user with a Gmail or Yahoo email account can
use
their account as an OpenID. Simply asking the user to enter their email
address to kickoff the sign-in process is a lot more scalable than the
NASCAR, and is probably a lot more usable then asking them to enter
their
OpenID URL.
Allen
On 1/24/10 7:12 PM, "Paul E. Jones"<[email protected]> wrote:
But, wouldn't that assume that every user who has a gmail.com or
yahoo.com
email address uses Google or Yahoo, respectively, for OpenID?
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
