Hi Eran, Not sure I follow what the question is?
Should one use a proxy? Yes. Since it's unlikely any platform will support XRI resolution natively. Should the proxy be used to grab an XRDS document? Yes, if possible, and don't forget about the "Accept: application/xrds+xml" header which a server may use to serve up such a document immediately. Parsing such a document is not necessarily complex though - I found after implementing it in PHP using SimpleXML that it's a lot less complex than the specification would suggest. I think it's a good idea to grab ALL the XRDS, and not just look for an OpenID 1.1/1.0 sub-element. In the case of failure to locate OpenID 1.1, you then have the full document to see if it's only offering 2.0 (signon/server). Given you need a full parsing ability, the first option seems to make the most sense. Get as much as possible upfront to avoid any second/third HTTP requests to the User/OP. It's more efficient this way I think - if you are using caching, XRDS lookups shouldn't occur on each and every OpenID authentication process anyway. Regards, Pádraic Pádraic Brady http://blog.astrumfutura.com http://www.patternsforphp.com ----- Original Message ---- From: Eran Hammer-Lahav <[EMAIL PROTECTED]> To: [email protected] Sent: Saturday, July 28, 2007 6:21:30 PM Subject: Using XRI Proxy Resolvers in OpenID discovery <!-- _filtered {font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;} _filtered {font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in;margin-bottom:.0001pt;font-size:11.0pt;font-family:"Calibri", "sans-serif";} a:link, span.MsoHyperlink {color:blue;text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {color:purple;text-decoration:underline;} p.MsoAcetate, li.MsoAcetate, div.MsoAcetate {margin:0in;margin-bottom:.0001pt;font-size:8.0pt;font-family:"Tahoma", "sans-serif";} span.EmailStyle17 {font-family:"Calibri", "sans-serif";color:windowtext;} span.BalloonTextChar {font-family:"Tahoma", "sans-serif";} .MsoChpDefault {} _filtered {margin:1.0in 1.0in 1.0in 1.0in;} div.Section1 {} --> The specification makes a suggestion (section 7.3 bullet 1) to use a proxy for XRI resolution instead of implementing the XRI resolution protocol in the Relaying Party. I am not clear as to what extent can / should the proxy be used for. For example, it can be used to turn ‘=eran’ into an XRDS document: http://xri.net/=eran?_xrd_r=application/xrds+xml Or it can be used to retrieve an OpenID 1.0 service (BTW, this does not work at xri.net) and save some effort in parsing an XRDS file: http://xri.freexri.com/=eran?_xrd_r=application/xrd+xml&_xrd_t=http%3a%2f%2fopenid.net%2fsignon%2f1.0 And last, it can be used to avoid XRI and XRDS altogether (which I doubt is the intention –but one which might be suggested to RP not implementing XRI if it is indeed optional): http://xri.net/=eran Which will redirect to an HTML page with OpenID tags (assuming the RP doesn’t implement Yadis either). However, when using the Yadis, the RP still has to have all the logic of parsing a full XRDS file which can have multiple XRD elements, multiple services with priority, and multiple URIs with priority (and append instructions). Does that mean that proxies should only be used for the first option? =eran ____________________________________________________________________________________ Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online. http://smallbusiness.yahoo.com/webhosting
_______________________________________________ specs mailing list [email protected] http://openid.net/mailman/listinfo/specs
