OpenID Mobile Profile?
Hi. Are there poeple who are interested in discussing OpenID Mobile profile sort of thing? Mobile phones has unique challenges of being restricted in URL length etc. OpenID as it stands now has very lengthy URLs in both requests and responses and it sometimes does not fit into the restrictions. SAML world has defined artifact binding to cope with it. IMHO, OpenID should define something like that also. In Japan, there are bunch of people (including mobile carriers) who wants to do it. Are there interest here as well? -- Nat Sakimura (=nat) http://www.sakimura.org/en/ ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
Re: OpenID Mobile Profile?
Are you talking about URL length limitations for the identifiers that users need to enter, or for URLs that are being sent around as part of the protocol? IMHO the most important question to ask for mobile devices is: can we do without typing anything? On Jan 29, 2009, at 16:56, Nat Sakimura wrote: Hi. Are there poeple who are interested in discussing OpenID Mobile profile sort of thing? Mobile phones has unique challenges of being restricted in URL length etc. OpenID as it stands now has very lengthy URLs in both requests and responses and it sometimes does not fit into the restrictions. SAML world has defined artifact binding to cope with it. IMHO, OpenID should define something like that also. In Japan, there are bunch of people (including mobile carriers) who wants to do it. Are there interest here as well? -- Nat Sakimura (=nat) http://www.sakimura.org/en/ ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
OpenID violates Semantic Web (according to them)
This does not imply anything with regard to my own position on this matter but I figured people on this list might find the latest debate [1] over the W3C TAG httpRange-14 issue interesting. Basically according to the httpRange-14 decision, a URI cannot represent both a 'person' and an 'information resource' (i.e. a blog). A blog must return HTTP 200 while a URI for a person should not, but return a 303 instead. This is a very important architectural principal of the semantic web according to the W3C TAG. The recent debate is about URIs for relationships (as in the value of a rel attribute in a Link header or element). The W3C TAG want the IANA not to serve 200 responses for relationship URIs, but 303s. It is a fascinating discussion, even if you think it is closer to an episode of Melrose Place than a technical accomplishment... EHL [1] http://lists.w3.org/Archives/Public/www-tag/2009Jan/0114.html ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
Re: OpenID Mobile Profile?
There are two issues involved. 1) URL length etc. limitations 2) User interface 1) has impact on 2). For instance, we want to avoid the users pressing buttons when redirecting. And, in many cases, we do not have javascript. This means we are left with GET and this URL length limitation becomes an issue. 2) cannot be solved globally because it could very well be somewhat dependent on the carrier implementation and handset capability. For most of the phones in Japan, we can get unique id for each handset at http level fairly securely so we can depend on it to avoid any typing (not even username etc.). This was one of the factor why m-commerce got so popular in Japan. In many other markets, e.g., the U.S., this is not granted. Thus, some other means are required. I know, WIl Tan of Maleysia is working something on iPhone in this regard. Essentially, it needs to be solved per carrier or per handset class (e.g., mid-p enabled phones, etc.), I think. =nat On Fri, Jan 30, 2009 at 2:56 PM, Johannes Ernst jernst+openid.net@ netmesh.us wrote: Are you talking about URL length limitations for the identifiers that users need to enter, or for URLs that are being sent around as part of the protocol? IMHO the most important question to ask for mobile devices is: can we do without typing anything? On Jan 29, 2009, at 16:56, Nat Sakimura wrote: Hi. Are there poeple who are interested in discussing OpenID Mobile profile sort of thing? Mobile phones has unique challenges of being restricted in URL length etc. OpenID as it stands now has very lengthy URLs in both requests and responses and it sometimes does not fit into the restrictions. SAML world has defined artifact binding to cope with it. IMHO, OpenID should define something like that also. In Japan, there are bunch of people (including mobile carriers) who wants to do it. Are there interest here as well? -- Nat Sakimura (=nat) http://www.sakimura.org/en/ ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs -- Nat Sakimura (=nat) http://www.sakimura.org/en/ ___ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
