How to manage your personal XRD

4 views
Skip to first unread message

Will Meyer

unread,
Mar 8, 2010, 5:35:35 PM3/8/10
to WebFinger
What is the latest thinking on how an end user's webfinger-obtained
personal XRD will be managed? I have been trying to understand this,
and the recent location-service update thread [2] raised it for me
again.

- Is there such a thing as a personal-xrd crud service definition out
there somewhere? IOW, an interface via which other services could
make authorized changes to a user's personal XRD (e.g. you just signed
up for some location app, it wants to ask you if it can become your
default location service)

- Do you foresee there being an admin type tool to manage your
discoverable profile? Or, will service-specific tools will use an api
to interact with whomever owns the xrd (google in the case of my gmail
address)? This ties into the delegation question as well (if I could
tell google to delegate part of my gmail profile to my own domain,
where I can directly manage my xrd, the management solution
changes).

- Are there any guidelines in place, either concretely or in the
collective consciousness, as to when putting something in a personal
XRD is a bad idea? Its discovery vs preference storage...(at logical
extreme, a personal xrd could end up looking somewhat like a
preference cookie)

Thanks for any insight,

W

[1] http://groups.google.com/group/webfinger/browse_thread/thread/51e9c0ed32b9b34f#

Brad Fitzpatrick

unread,
Mar 8, 2010, 5:40:31 PM3/8/10
to webf...@googlegroups.com
On Mon, Mar 8, 2010 at 2:35 PM, Will Meyer <wi...@willmeyer.com> wrote:
What is the latest thinking on how an end user's webfinger-obtained
personal XRD will be managed?  I have been trying to understand this,
and the recent location-service update thread [2] raised it for me
again.

 - Is there such a thing as a personal-xrd crud service definition out
there somewhere?

Not yet.  I want to make one, though.

 - Do you foresee there being an admin type tool to manage your
discoverable profile?

I want to let users add/remove links, first with a little webapp, but then later some API as well. 

John Bradley

unread,
Mar 8, 2010, 6:14:32 PM3/8/10
to webf...@googlegroups.com
Some time ago there was some thought put into creating a OAUTH protected API for XRDS provisioning.


Out of date but someplace to start.

John B.

Will Norris

unread,
Mar 8, 2010, 6:43:03 PM3/8/10
to webf...@googlegroups.com
we also wrote up "XRD Provisioning" after the last IIW:

http://wiki.oasis-open.org/xri/XrdOne/Provisioning

Still needs a bit of work, but it's there.

-will

John Panzer

unread,
Mar 8, 2010, 6:43:56 PM3/8/10
to webf...@googlegroups.com
At least the ability to do get/put of links with a specified rel value would make sense.  You could throw together a little JSON based API for this quickly.  Secure it with OAuth, make the permission screen intelligible to end users (the hard part), and make a service-update rel link be hard coded into the XRD for each user that points at the update service...  

On Mon, Mar 8, 2010 at 3:14 PM, John Bradley <ve7...@ve7jtb.com> wrote:

Will Meyer

unread,
Mar 8, 2010, 9:47:16 PM3/8/10
to webf...@googlegroups.com
On Mon, Mar 8, 2010 at 18:43, John Panzer <jpa...@google.com> wrote:
> At least the ability to do get/put of links with a specified rel value would
> make sense.  You could throw together a little JSON based API for this
> quickly.  Secure it with OAuth, make the permission screen intelligible to
> end users (the hard part), and make a service-update rel link be hard coded
> into the XRD for each user that points at the update service...

Thx all for the summaries. Indeed it might be nice for the basic "add
a service to this user's personal XRD" case to be handled more
easily/quickly, independent of the issues that come with allowing
update and delete of existing links (IDing them as well as the
question of whether an entity can delete a link they didn't first
create). OAuth'd list/put calls with json returns, coupled with the
simple web tools for users for other operations, seems like it'd be
workable (not comprehensive, but practical). I suppose I'll try a few
things on my own profile (where rsync is currently masquerading as a
sophisticated yet intuitive ui-driven management interface).

Jared Hanson

unread,
Mar 8, 2010, 7:27:42 PM3/8/10
to WebFinger
I'm also interested in this subject, and ready for "rough consensus
and running code."

After IIW 9, I rough-drafted a spec based on the discussion held
(which the write-up on the XRI wiki captures as well). I also
registered xrdprovisioning.com/.net/.org during that time. I let my
focus slide, however.

I'm glad to see interest picking up in this topic, and want to keep
the momentum going. Toward that end, I just created an XRD
Provisioning group at http://groups.google.com/group/xrd-provisioning
as a place to have on-topic discussions about this (assuming people
consider it separate from WebFinger.)

I'll dust off the domain and put some relevant links up as well.

--
Jared Hanson <http://jaredhanson.net/>


On Mar 8, 3:43 pm, Will Norris <w...@willnorris.com> wrote:
> we also wrote up "XRD Provisioning" after the last IIW:
>
> http://wiki.oasis-open.org/xri/XrdOne/Provisioning
>
> Still needs a bit of work, but it's there.
>
> -will
>
> On Mon, Mar 8, 2010 at 3:14 PM, John Bradley <ve7...@ve7jtb.com> wrote:
> > Some time ago there was some thought put into creating a OAUTH protected
> > API for XRDS provisioning.
>
> >http://dev.inames.net/wiki/XRDSP_Spec
>
> > Out of date but someplace to start.
>
> > John B.
> > On 2010-03-08, at 7:40 PM, Brad Fitzpatrick wrote:
>

> >>http://groups.google.com/group/webfinger/browse_thread/thread/51e9c0e...

Markus Sabadello

unread,
Mar 9, 2010, 1:41:05 AM3/9/10
to webf...@googlegroups.com
I've done an experimental implementation of such an API a while ago in the context of i-names and the old XRDS format.

If you get an i-name at www.freexri.com or www.fullxri.com, you can then go to one of the following "competing" Busy-Status third party services, which will try to register themselves in your i-name's XRDS:
www.busystatus.com
www.buzymazterz.com

The XRD API for this (described at oauth.freexri.com) is really basic (only supports a single operation: "add service to XRDS").

I understand i-names aren't extremely popular these days, but I'm attaching some screenshots of what that currently looks like, or you can try it yourself.

There's certainly a lot of interest in something like this, and as others mention there have been a few initiatives...

Markus
shot1.jpg
shot2.jpg
shot3.jpg
shot4.jpg

Kevin Marks

unread,
Mar 9, 2010, 7:02:34 PM3/9/10
to webf...@googlegroups.com
Is this something you could add to Google Profiles? 
When I add a link or you discover a rel="me" link, it could prompt to add the corresponding services to the XRD 

Will Meyer

unread,
Mar 11, 2010, 9:04:07 AM3/11/10
to WebFinger
On Mar 9, 7:02 pm, Kevin Marks <kevinma...@gmail.com> wrote:
> Is this something you could add to Google Profiles?
> When I add a link or you discover a rel="me" link, it could prompt to add
> the corresponding services to the XRD

FWIW I think that the only one who could reasonably present a user
interface that a user would understand would be the entity offering
the service the user actually wants to provision, which would be
programmatically communicating with the xrd-owning entity, rather than
the owning entity itself (not that it wouldn't also be good to have
some way to actually edit your xrd via your profile's custom links)

> On Mon, Mar 8, 2010 at 3:43 PM, John Panzer <jpan...@google.com> wrote:
> > At least the ability to do get/put of links with a specified rel value
> > would make sense.  You could throw together a little JSON based API for this
> > quickly.  Secure it with OAuth, make the permission screen intelligible to
> > end users (the hard part), and make a service-update rel link be hard coded
> > into the XRD for each user that points at the update service...
>
> > On Mon, Mar 8, 2010 at 3:14 PM, John Bradley <ve7...@ve7jtb.com> wrote:
>
> >> Some time ago there was some thought put into creating a OAUTH protected
> >> API for XRDS provisioning.
>
> >>http://dev.inames.net/wiki/XRDSP_Spec
>
> >> Out of date but someplace to start.
>
> >> John B.
> >> On 2010-03-08, at 7:40 PM, Brad Fitzpatrick wrote:
>

> >>>http://groups.google.com/group/webfinger/browse_thread/thread/51e9c0e...

Reply all
Reply to author
Forward
0 new messages