Intro to XRD Provisioning
Jared Hanson
is in order to describe the purpose of XRD Provisioning and its
prerequisites. Here we go...
-- XRD --
XRD (Extensible Resource Descriptor) is a simple format for describing
web-based resources. It allows machines to discover the capabilities
of a resource and interact with that resource using known interfaces
and protocols. This work supersedes the XRDS format, and is being
developed in an OASIS Technical Committee.
The current working draft is located at:
http://www.oasis-open.org/committees/download.php/36542/xrd-1.0-wd15.html
-- WebFinger --
WebFinger utilizes XRD and other specifications in the discovery stack
to allow discovery to be performed on "email-like identifiers." This
work originates from efforts in the identity space, and attempts to
address usability concerns by adopting a format people are comfortable
with (email address rather than URLs).
Technical information is located at:
http://code.google.com/p/webfinger/
-- XRD Provisioning --
Given XRD as a way to advertise capabilities and services of a
resource, the next obvious step is to allow an XRD document to be
provisioned: adding, modifying, and removing links contained within.
An example is in order:
Jane uses Example.com as her primary "identity" online. She has been
issued ja...@example.com as her identifier. Behind the scenes,
WebFinger and XRD are used to provide links to her OpenID provider and
Portable Contacts-based address book. Existing sites on the web
interact with these service to authenticate Jane and show her new
information from her friends.
One day, Jane comes across some hip new service that allows her to
"check-in" and share her current location. What makes this service so
cool is that it can affiliate itself directly under a user's
identity. As such, it makes a request to Example.com, asking to be
added to Jane's XRD as her default location provider. Jane approves,
and now all the sites she uses can discover this information (given
her permission) and provide her information with additional context.
-- Prior Initiatives --
To round things out, here is a list of efforts relating to XRD
Provisioning. Newer ones use XRD, while older ones use XRDS. I've
attempted to make this comprehensive, but please reply with any I may
have overlooked.
1. XRD Provisioning Session at IIW 9
The most recent effort (that I am aware of) was a session that
occurred during IIW 9. A page on the XRI Wiki captures the essence of
the discussion:
http://wiki.oasis-open.org/xri/XrdOne/Provisioning
2. XPP (XRDS Provisioning Protocol)
Andy Dale wrote a specification titled XPP. He describes it in the
following blog posts:
http://xditao.blogspot.com/2007/05/making-use-of-xrds.html
http://xditao.blogspot.com/2007/05/more-on-xrds.html
http://xditao.blogspot.com/2007/06/expediting-xpp.html
3. XRDSP (XRDS Provisioning)
XRDSP is an update to XPP. Further information is available at the i-
names Development Wiki:
http://dev.inames.net/wiki/XRDSP
http://dev.inames.net/wiki/XRDSP_Spec
4. @freeXRI OAuth Service Endpoint
Markus Sabadello implemented an experimental API using the XRDS
format.
API Documentation is available at: http://oauth.freexri.com/
Screenshots of the UI are attached in the following discussion:
http://groups.google.com/group/webfinger/browse_thread/thread/593ef78ee9063095/96b6306a3ef564a1
5. Kantara Initiative Meeting
The minutes from a Kantara Initiative meeting detail a possible flow
for provisioning an XRD document:
http://kantarainitiative.org/confluence/display/idwsf/Neustar+April+15th,+2009
--
Jared Hanson <http://jaredhanson.net/>
Will Meyer
to leverage it for another spec (www.oexchange.org), I'd cast a vote
for tackling the add-to case with personal (webfinger-obtainable) XRDs
as a simpler subset of the entire problem set. Someone suggested this
in the context of the discussion on webfinger, a simple OAuth-backed
json-aware api to add links to your personal XRD would handle the most
common case, which is some service trying to help a user provision
itself into their personal xrd. Strikes me that IDing and access-
control issues make the rest of the cases much more challenging.
I don't know how that flies in terms of the thinking of others, but
practically it seems to me that one of the provisioning cases is
vastly more common in terms of current application needs than the
rest.
W
On Mar 9, 2:16 pm, Jared Hanson <jaredhan...@gmail.com> wrote:
> As the first discussion on the XRD Provisioning group, a brief primer
> is in order to describe the purpose of XRD Provisioning and its
> prerequisites. Here we go...
>
> -- XRD --
>
> XRD (Extensible Resource Descriptor) is a simple format for describing
> web-based resources. It allows machines to discover the capabilities
> of a resource and interact with that resource using known interfaces
> and protocols. This work supersedes the XRDS format, and is being
> developed in an OASIS Technical Committee.
>
> The current working draft is located at:http://www.oasis-open.org/committees/download.php/36542/xrd-1.0-wd15....
>
> -- WebFinger --
>
> WebFinger utilizes XRD and other specifications in the discovery stack
> to allow discovery to be performed on "email-like identifiers." This
> work originates from efforts in the identity space, and attempts to
> address usability concerns by adopting a format people are comfortable
> with (email address rather than URLs).
>
> Technical information is located at:http://code.google.com/p/webfinger/
>
> -- XRD Provisioning --
>
> Given XRD as a way to advertise capabilities and services of a
> resource, the next obvious step is to allow an XRD document to be
> provisioned: adding, modifying, and removing links contained within.
> An example is in order:
>
> Jane uses Example.com as her primary "identity" online. She has been
> issued j...@example.com as her identifier. Behind the scenes,
> WebFinger and XRD are used to provide links to her OpenID provider and
> Portable Contacts-based address book. Existing sites on the web
> interact with these service to authenticate Jane and show her new
> information from her friends.
>
> One day, Jane comes across some hip new service that allows her to
> "check-in" and share her current location. What makes this service so
> cool is that it can affiliate itself directly under a user's
> identity. As such, it makes a request to Example.com, asking to be
> added to Jane's XRD as her default location provider. Jane approves,
> and now all the sites she uses can discover this information (given
> her permission) and provide her information with additional context.
>
> -- Prior Initiatives --
>
> To round things out, here is a list of efforts relating to XRD
> Provisioning. Newer ones use XRD, while older ones use XRDS. I've
> attempted to make this comprehensive, but please reply with any I may
> have overlooked.
>
> 1. XRD Provisioning Session at IIW 9
>
> The most recent effort (that I am aware of) was a session that
> occurred during IIW 9. A page on the XRI Wiki captures the essence of
> the discussion:
>
> http://wiki.oasis-open.org/xri/XrdOne/Provisioning
>
> 2. XPP (XRDS Provisioning Protocol)
>
> Andy Dale wrote a specification titled XPP. He describes it in the
> following blog posts:
>
>
> 3. XRDSP (XRDS Provisioning)
>
> XRDSP is an update to XPP. Further information is available at the i-
> names Development Wiki:
>
> http://dev.inames.net/wiki/XRDSPhttp://dev.inames.net/wiki/XRDSP_Spec
>
> 4. @freeXRI OAuth Service Endpoint
>
> Markus Sabadello implemented an experimental API using the XRDS
> format.
>
> API Documentation is available at:http://oauth.freexri.com/
> Screenshots of the UI are attached in the following discussion:http://groups.google.com/group/webfinger/browse_thread/thread/593ef78...
>
> 5. Kantara Initiative Meeting
>
> The minutes from a Kantara Initiative meeting detail a possible flow
> for provisioning an XRD document:
>
> http://kantarainitiative.org/confluence/display/idwsf/Neustar+April+1...