Yeah, that particular hosted client won't be able to do DNS+SRV because it is App Engine based. If DNS is required, then this won't ever be a compliant client, I'm afraid.The command line version could, so I'll add that. Has anyone written down what the record will look like yet?
Given that we've tried to limit discussing XRD here as much as
possible, what else needs to be specified in order to make this stuff
work? I haven't been following the XRD discussions, but is that where
the work needs to happen?
b.
2009/8/31 Brad Fitzpatrick <br...@danga.com>:
If app engine can't do it then that seems like a show-stopper for
DNS-based discovery.
>
> I think we all mostly agreed it'd be a SRV record for "_tcp" service
> "_hostmeta". Then what you get back is a hostname / port number from srv,
> and use that instead of the original host and implied port 80 if you get a
> SRV answer. (and still fetch the path /.well-known/host-meta)
>
Requiring the path to still be /.well-known/host-meta seems to me to
defeat the point of using DNS a little.
Do you expect that the site at the other end would use the Host header
to decide what to serve? While that could certainly work, it complicates
my setup considerably compared to just adding a TXT record with a URL in
it. (I guess I'd need to set up a web server on the nominated
server/port that knows to expect a Host: degeneration.co.uk, rather than
just use the site I already have.)
SRV doesn't seem to fit here. If we're going to use esoteric record
types (i.e. not the A, CNAME or TXT that are generally supported by DNS
services) then we might as well use NAPTR, which is a better fit here
since its result is a URI.
However, I'd much rather just use TXT. Sure, it's not the cleanest thing
in the world, but it's the thing that's most readily available to use.
Is there a pragmatic reason to use SRV over TXT?
If app engine can't do it then that seems like a show-stopper for DNS-based discovery.
Brad Fitzpatrick wrote:
On Sun, Aug 30, 2009 at 3:06 PM, DeWitt Clinton <dcli...@gmail.com> wrote:
Yeah, that particular hosted client won't be able to do DNS+SRV because it
is App Engine based. If DNS is required, then this won't ever be a
compliant client, I'm afraid.
The command line version could, so I'll add that. Has anyone written down
what the record will look like yet?
just in case people are interested in following up on this discussion,
it won't actually be happening in the XRI TC. XRD 1.0 defines the XML
format of the document and basic rules for processing the document.
It says nothing about how you obtain the XRD document for a given
resource. That will be defined in the work Eran is doing in IETF, as
well as by protocols that make use of XRD (ie. OpenID Discovery 2.x
can choose to define what methods consumers should use to discover the
XRD for an OpenID).
So for those that want to continue following this discussion, look to https://www.ietf.org/mailman/listinfo/apps-discuss
-will
> Will the IETF apps-discuss list also be the right place to discuss
> possible
> HTML <link> and HTTP Link header discovery of XRD documents? Is
> that even
> still on the table?
# short answer
HTTP Link Header and HTML <link> are most certainly still part of the
proposed discovery methods for XRD.
# slightly longer answer
Exactly where different pieces of the puzzle are defined has changed a
bit, but the relevant drafts are still:
1) http://tools.ietf.org/html/draft-nottingham-http-link-header
2) http://tools.ietf.org/html/draft-nottingham-site-meta
And to a somewhat lesser degree:
3) http://tools.ietf.org/html/draft-hammer-discovery
Most of the content in #3 has actually been rolled up into #1.
Additionally, since #2 has actually become the definition of the .well-
known location, there will still need to be another document which
actually registers host-meta in that location. Since host-meta will
use XRD for its file format, Eran is waiting on a committee draft of
XRD 1.0 to reference.
First, you (DeWitt) can join the XRI list as a Google employee. We already have three other people from Google there which means Google already agreed to the charter. Anyone else who would like to join the TC can ping me. We have found ways to accommodate pretty much everyone who asked.
Second, yes, it is very important we get discovery right. The question of using other links (HTTP, HTML) is what LRDD is trying to solve, but I am not sure where that spec is going. I am working on a new draft and when ready (I plan on this week), I will ping this list and will indicate where it will be discussed.
EHL
I'm all for avoiding scope bleed between these various groups, but if
this group isn't discussing how to do discovery on an acct: URL then
what exactly *is* the scope of WebFinger?
I'm having a lot of trouble figuring out which of these bajillion
mailing lists I should actually be following. It feels like right now
things are a little *too* divided, with lots of related work getting
spread too thinly over various different forums rather than us all
working together in one place.
I'm all for avoiding scope bleed between these various groups, but if this group isn't discussing how to do discovery on an acct: URL then what exactly *is* the scope of WebFinger?
Blaine Cook wrote:
Can we drop the DNS discussion from the webfinger side of things? It
seems like it's something that needs to be nailed down in XRD, and the
security implications of delegating openid lookups from DNS are
problematic at best, so probably not something we can solve here.
Given that we've tried to limit discussing XRD here as much as
possible, what else needs to be specified in order to make this stuff
work? I haven't been following the XRD discussions, but is that where
the work needs to happen?
I'm having a lot of trouble figuring out which of these bajillion mailing lists I should actually be following. It feels like right now things are a little *too* divided, with lots of related work getting spread too thinly over various different forums rather than us all working together in one place.
Brad Fitzpatrick schrieb:
> [...]
> Scope of WebFinger (and this mailing list) is:
>
> 1) how to take an email-like identifier and get back a readable
> document. namely, the rules for email-like, and doing XRD discovery
> on the email-like host part's site, then looking for webinfo
> capability in the host's XRD document, then translating the
> URITemplate to get the user acct's XRD document.
>
> 2) all the possible service Rel types that we could/should use for
> various things.
>
> I think 1) is largely all defined now. It's probably more time to be
> talking about 2.
Do I assume correctly that the idea is basically the one of a service
catalogue for a user which holds a list of all the services he has
access to a service and/or data?
E.g. a list of all my profiles, contact lists, photos, activity stream
services etc. so that a site I sign up to can quickly retrieve that data
without me typing it in again (plus posting to services)?
If so I wonder if the idea is then to just bind it to an email like
identifier or also factor this out for URL based identifiers such as
OpenIDs?
cheers,
Christian
Okay, so this looks like:
* Take the domain part.
* Do discovery on it as defined by the XRD spec and find the domain's
own XRD document. (though I'm sure someone said elsewhere that the XRD
spec is just about the format and not about the discovery of the document.)
* Get the WebFinger template out of the discovered XRD and substitute
the account identifier into it and request the result to get another XRD.
So it seems like webfinger has two direct dependencies:
* How to find the XRD for a given host. (the host-meta spec?)
* How to process an XRD. (the XRD spec)
...and what it provides in addition to what's provided by those
dependencies is the extra step of how to discover the XRD of a
particular account within an authority, where host-meta only describes
how to discover the XRD for the authority itself.
Does that seem right?
If so, I agree that the DNS discovery thing belongs in the host-meta
spec and not in the webfinger spec. So I guess that's to be discussed on
the IETF apps list.
(Still trying to figure out what the relationship is between all of
these specs. Sorry if I'm just being slow.)