Hi Paul - I¹m not really a webfinger expert, however, the intent is to make it possible to decouple the user¹s services from the user¹s email provider, so they do not necessarily have to be the same entity.
Allen On 1/27/10 1:18 PM, "Paul E. Jones" <[email protected]> wrote: > George, > > You¹re right that there are two things. The question is, do we wish to allow > only OP advertisement via the host meta-data XRD file? That would certainly > work for me. But, would users prefer to have a single email address (e.g., > [email protected]) and still be able to associate that with a different OP > through webfinger? > > People could always have a different acct: URI. Is that preferred over trying > to support both host meta-data and user meta-data XRD documents? > > Paul > > > From: George Fletcher [mailto:[email protected]] > Sent: Wednesday, January 27, 2010 3:11 PM > To: Paul E. Jones > Cc: 'Allen Tom'; [email protected]; [email protected] > Subject: Re: Email Address to URL Transformation > > I think there are two different things being described... (1) meta data about > the host (host-meta) and (2) meta data about the acct: identifier (XRD > returned from the webfinger template URI endpoint). > > In this thread, that host-meta XRD only describes one service of the host... > webfinger. However, there is nothing stopping the host from also adding a > <Link> specifying that it is also an OpenID Provider. I agree with Allen that > this is valuable information. This doesn't preclude or supersede the XRD > returned for the user (based on the template URI endpoint). > > So, if an RP is looking to find the user's OP, then follow the webfinger > protocol. If the RP just wants to know if a domain supports OpenID it can just > look in the host-meta for that domain. > > I don't think they conflict. > > Thanks, > George > > On 1/25/10 3:52 PM, Paul E. Jones wrote: > Allen, > > Perhaps we're in agreement, but I wasn't clear. > > I think OpenID RPs should be able to use XRD documents in order to discover > the user's login service -- I like this. What I would *not* want is for > that to be defined in this document: > http://yahoo.com/.well-known/host-meta > > The reason is that this document is not user-specific and blankets > everything under the yahoo.com domain. > > Rather, I'd want that to be in this document: > http://webfinger.yahooapis.com/?id={%id} > > Or other document that allows the user to provide details about himself. > So, if I enter [email protected], RPs would still be directed to > http://openid.packetizer.com/paulej by querying the above document (or other > document) and finding some pointer to my OP. > > Paul > > >> -----Original Message----- >> From: Allen Tom [mailto:[email protected]] >> Sent: Monday, January 25, 2010 1:45 PM >> To: Paul E. Jones >> Cc: [email protected]; [email protected]; 'John Panzer' >> Subject: Re: Email Address to URL Transformation >> >> Hi Paul - >> >> This assumes that every user with a Gmail or Yahoo email account can >> use >> their account as an OpenID. Simply asking the user to enter their email >> address to kickoff the sign-in process is a lot more scalable than the >> NASCAR, and is probably a lot more usable then asking them to enter >> their >> OpenID URL. >> >> Allen >> >> On 1/24/10 7:12 PM, "Paul E. Jones" <[email protected]> >> <mailto:[email protected]> wrote: >> >> >>> >>> But, wouldn't that assume that every user who has a gmail.com or >>> >> yahoo.com >> >>> email address uses Google or Yahoo, respectively, for OpenID? >>> >>> >>> >> >> > > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs > > >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
