New LR envelope idea: less cruft, more compatible

[Steve Midgley]

Hi LR friends,

A few of us are examining how to make envelopes less annoying. This is part of the LR v2 project..

First off, we know we want to sign envelopes with JWT, and put the signature on the outside of the LR stuff, instead of inside it, which reduces a lot of custom pain. Envelopes should be trivial to decode using any standard JWT library (jwt.io for list).

As I was digging into this on the LR bi-weekly call today with Joe, Nate, Jason &c, I came up with this idea:

New LR envelope proposal: https://gist.github.com/science/4f351ee1e9e4a476d291

It's a two level envelope. The outer envelope contains just enough info to let you decode the JWT claim. 

Once you decode the JWT claim, you are left with a json-ld/schema.org payload. This payload includes a learning registry namespace, so the "LR headers" are right inline with the rest of the schema.org metadata. This eliminates a "layer" in the stack - which I think is *really* nice and a huge improvement. This also lets you embed LR envelopes right on webpages (per our previous sitemap.xml conversation).

And if you want to ship metadata as xml, that's fine too - we will provide an "LR envelope" XSD to extend your namespace in XML if you prefer.. Either way you have to extend your metadata with the LR name space in whatever metadata format you're providing (right now limited to XML or JSON).

I think this is a really promising line of thinking. I would welcome all input - please be critical as needed. :)

Steve