The OpenID Connect folks have been using Simple Web Discovery, which is as I understand it a rough translation of XRD into JSON, with a couple of simplifying changes. (Mike, want to throw your hat in on this one?)
http://tools.ietf.org/html/draft-jones-simple-web-discovery-00 -- Justin On Mon, 2011-07-04 at 00:27 -0400, Eve Maler wrote: > FWIW, the "Dynamic OAuth Client Registration" proposal made by the > User-Managed Access folks: > > > http://tools.ietf.org/html/draft-hardjono-oauth-dynreg-00 > > > ...makes use of XRD, hostmeta, and discovery, as does the OAuth-based > UMA protocol itself: > > > http://www.ietf.org/internet-drafts/draft-hardjono-oauth-umacore-00.txt > > > We'd be just as happy to use a JSON-based version of XRD if it can be > standardized, and we did do some experimentation with this early on. > But because XRD 1.0 is now stable and is straightforward enough to use > for our needs, we decided to use it normatively for now. The UMA > implementation used by http://smartam.net implements this today and it > works fine. > > > Eve > > On 3 Jul 2011, at 9:50 AM, Eran Hammer-Lahav wrote: > > > Hannes, > > > > > > None of the current OAuth WG document address discovery in any way, > > so clearly there will be no use of XRD. But the OAuth community > > predating the IETF had multiple proposals for it. In addition, > > multiple times on the IETF OAuth WG list, people have suggested > > using host-meta and XRD for discovery purposes. > > > > > > The idea that XRD was reused without merit is both misleading and > > mean-spirited. Personally, I'm sick of it, especially coming from > > standards professionals. > > > > > > XRD was largely developed by the same people who worked on > > host-meta. XRD predated host-meta and was designed to cover the > > wider use case. Host-meta was an important use case when developing > > XRD in its final few months. It was done in OASIS out of respect to > > proper standards process in which the body that originated a work > > (XRDS) gets to keep it. > > > > > > I challenge anyone to find any faults with the IPR policy or process > > used to develop host-meta in OASIS. > > > > > > XRD is one of the simplest XML formats I have seen. I bet most of > > the people bashing it now have never bothered to read it. At least > > some of these people have been personally invited by me to comment > > on XRD while it was still in development and chose to dismiss it. > > > > > > XRD was designed in a very open process with plenty of community > > feedback and it was significantly simplified based on that feedback. > > In addition, host-meta further simplifies it by profiling it down, > > removing some of the more complex elements like Subject and Alias > > (which are very useful in other contexts). XRD is nothing more than > > a cleaner version of HTML <LINK> elements with literally a handful > > of new elements based on well defined and widely supported > > requirements. It's entire semantic meaning is based on the IETF Link > > relation registry RFC. > > > > > > There is something very disturbing going on these days in how people > > treat XML-based formats, especially form OASIS. > > > > > > When host-meta's predecessor - side–meta – was originally proposed a > > few years ago, Mark Nottingham proposed an XML format not that > > different from XRD. There is nothing wrong with JSON taking over as > > a simpler alternative. I personally prefer JSON much better. But it > > would be reckless and counter productive to ignore a decade of work > > on XML formats just because it is no longer cool. Feels like we back > > in high school. > > > > > > If you have technical arguments against host-meta, please share. But > > if your objections are based on changing trends, dislike of XML or > > anything OASIS, grow up. > > > > > > EHL > > > > > > > > > > > > > > From: Hannes Tschofenig <hannes.tschofe...@gmx.net> > > Date: Sun, 3 Jul 2011 00:36:29 -0700 > > To: Mark Nottingham <m...@mnot.net> > > Cc: Hannes Tschofenig <hannes.tschofe...@gmx.net>, "ietf@ietf.org > > IETF" <ietf@ietf.org>, Eran Hammer-lahav <e...@hueniverse.com>, > > oauth WG <oa...@ietf.org> > > Subject: Re: Second Last Call: <draft-hammer-hostmeta-16.txt> (Web > > Host Metadata) to Proposed Standard -- feedback > > > > > > > > > I also never really understood why XRD was re-used. > > > > > > > > > Btw, XRD is not used by any of the current OAuth WG documents, see > > > http://datatracker.ietf.org/wg/oauth/ > > > > > > > > > > > > > > > On Jun 22, 2011, at 8:08 AM, Mark Nottingham wrote: > > > > > > > > > > * XRD -- XRD is an OASIS spec that's used by OpenID and OAuth. > > > > Maybe I'm just scarred by WS-*, but it seems very > > > > over-engineered for what it does. I understand that the > > > > communities had reasons for using it to leverage an existing > > > > user base for their specific user cases, but I don't see any > > > > reason to generalise such a beast into a generic mechanism. > > > > > > > > > > > > > > _______________________________________________ > > OAuth mailing list > > oa...@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > > Eve Maler http://www.xmlgrrl.com/blog > +1 425 345 6756 http://www.twitter.com/xmlgrrl > _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
