This blog can't be viewed on LiveJournal. Instead see http://www.apparently.me.uk/19059.html.

  • (comment with no subject)

    I definitely better understand your argument for discovery via DNS, however I'm concerned about defining this at the EAUT level. I think it makes a lot of sense to simply use XRDS-Simple for EAUT service discovery. Pretty much every existing and emerging Open Stack technology uses XRDS-Simple for discovery, and I don't think it makes any sense to deviate from that. It allows consumers to use a single discovery mechanism for all services... EAUT, OpenID, OAuth, PoCo, whatever.

    Given that you do make an interesting argument for DNS here, perhaps it is worth pursuing DNS as an option for discovery the XRDS-Simple document for a domain. This has already been discussed at least some about a month ago[0]. Not sure if anything came of that conversation, but do you not think it would be better to implement this there? If it's useful for EAUT, it could certainly be useful for others.

    [0]: http://tr.im/oo1
    By ext_130993 at 08:20 pm on 30th Oct 2008
    • (comment with no subject)

      If the URL of the XRDS document for a domain were published in DNS, that would fix one of the main qualms I have with EAUT as it exists today. However, I'd like to see someone pin down exactly how this works with existing OpenID models, including support for canonicalization of the OpenID identifier (as is done with redirects in HTTP-based discovery today) and support for delegation. Both of these are just as important/useful for email addresses as they are for HTTP URLs, and I don't want to lose them. Delegation doesn't seem too difficult when using EAUT -- just publish the delegation information at the target URL -- but I'm not sure how normalization would work, especially if you consider the ability to "normalize" an email address into a URL or vice-versa.

      By Martin Atkins at 08:48 pm on 30th Oct 2008