Re: [apps-discuss] WF flow with rel parameter
Eran Hammer <eran@hueniverse.com> Wed, 25 April 2012 16:18 UTC
Return-Path: <eran@hueniverse.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DBC421F87E8 for <apps-discuss@ietfa.amsl.com>; Wed, 25 Apr 2012 09:18:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.509
X-Spam-Level:
X-Spam-Status: No, score=-2.509 tagged_above=-999 required=5 tests=[AWL=-0.044, BAYES_00=-2.599, HTTP_ESCAPED_HOST=0.134]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S5DK1L77fcUs for <apps-discuss@ietfa.amsl.com>; Wed, 25 Apr 2012 09:18:51 -0700 (PDT)
Received: from p3plex2out01.prod.phx3.secureserver.net (p3plex2out01.prod.phx3.secureserver.net [184.168.131.12]) by ietfa.amsl.com (Postfix) with ESMTP id E942521F87E9 for <apps-discuss@ietf.org>; Wed, 25 Apr 2012 09:18:50 -0700 (PDT)
Received: from P3PWEX2HT002.ex2.secureserver.net ([184.168.131.10]) by p3plex2out01.prod.phx3.secureserver.net with bizsmtp id 2GJq1j0060Dcg9U01GJq8b; Wed, 25 Apr 2012 09:18:50 -0700
Received: from P3PWEX2MB008.ex2.secureserver.net ([169.254.8.88]) by P3PWEX2HT002.ex2.secureserver.net ([184.168.131.10]) with mapi id 14.02.0247.003; Wed, 25 Apr 2012 09:18:50 -0700
From: Eran Hammer <eran@hueniverse.com>
To: John Bradley <ve7jtb@ve7jtb.com>, "Paul E.Jones" <paulej@packetizer.com>
Thread-Topic: [apps-discuss] WF flow with rel parameter
Thread-Index: AQHNIomKaCym1aAtdUm4KjKnInrNO5ard+qAgACdUwD//6MpkA==
Date: Wed, 25 Apr 2012 16:18:49 +0000
Message-ID: <0CBAEB56DDB3A140BA8E8C124C04ECA20100988A@P3PWEX2MB008.ex2.secureserver.net>
References: <2462F73D-62A4-4DAB-B3F7-806B65BCB96F@mac.com> <23240850-53E2-482F-BC71-C3EF7D08E232@ve7jtb.com> <042501cd22a3$d37d24a0$7a776de0$@packetizer.com> <D5A48C85-F5B4-40A1-8FE8-585319690D1F@ve7jtb.com>
In-Reply-To: <D5A48C85-F5B4-40A1-8FE8-585319690D1F@ve7jtb.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [64.74.213.174]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "apps-discuss@ietf.org" <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] WF flow with rel parameter
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Apr 2012 16:18:52 -0000
There are two separate issues here: 1. Adding support for RFC 6570 - this adds complexity (but might have happened if 6570 was finished earlier). 2. Define additional parameters (right now, only 'uri' is defined as a template input). EH > -----Original Message----- > From: apps-discuss-bounces@ietf.org [mailto:apps-discuss- > bounces@ietf.org] On Behalf Of John Bradley > Sent: Wednesday, April 25, 2012 7:49 AM > To: Paul E.Jones > Cc: apps-discuss@ietf.org > Subject: Re: [apps-discuss] WF flow with rel parameter > > Taking a closer look at http://tools.ietf.org/html/rfc6570 > > The lrdd template can be something like: > https://example.com/lrdd/?format=json{&uri,rel} > or > https://example.com/lrdd/?format=json&resource={uri}{&rel} > > So it probably comes down to me asking for WF to conform to rfc6570 for > LRDD template construction or at least adding the {?} and {&} templates from > rfc6570. > > That way people who want to host JRD's as a service on another host don't > lose the ability to filter. > > John B. > > On 2012-04-25, at 2:25 AM, Paul E. Jones wrote: > > > John, > > > > The "rel" parameter is something we still need to discuss, so not is as good > a time as any. > > > > What "rel" does is act as a filter. For the most part, the only purpose it > serves is to help reduce the number of link relations that might be sent from > the server. So, if a user had 1,000 different link relations, this might reduce > the returned message to containing only 1. However, if a user has more than > one link relation of the same type, all of them would match and be returned. > > > > When you say the host cannot support re-write rules, I assume you mean it > does not support the URI parameters on host-meta? In that case, yes, the > parameters are ignored and you get just the host-meta document. > > > > The only URI template defined in RFC 6415 is "{uri}" (see 3.1.1.1). There are > no other URI template values defined. (Note: this whole section exists only > because RFC 6570 did not yet exist, I think. > > > > In any case, we could define a new URI template, but then we would be > putting an optimization in place for LRDD. If host-meta is not going to > support the "rel" URI parameter, why would LRDD? It would also mean that > the LRDD logic would have to be ready to receive a URI parameter that is not > replaced, since some clients would only change {uri} and leave {rel} there. > That would introduce more conditional logic in the server. This would also > present issues with static sites. (Of course, one might be able to use Apache > re-writing rules to get around that problem, but it certainly would not work > for "real" static sites.) > > > > Personally, I'd prefer to not add the "rel" parameter to LRDD, since I think > optimization using "rel" would always be done on host-meta. That said, I > question the value of "rel" entirely. Do you think it's useful to have this filter > at all? Is there really a risk that a site might return 1,000 link relations that the > client would have to step over? > > > > Paul > > > > From: John Bradley [mailto:ve7jtb@ve7jtb.com] > > Sent: Tuesday, April 24, 2012 10:17 PM > > To: Paul E. Jones > > Cc: apps-discuss@ietf.org > > Subject: WF flow with rel parameter > > > > Paul, > > > > Sorry I hit send on the previous message with a typo. > > > > I am looking at how the flows in WF might work for openID. > > > > Let's set aside the XML issue for the moment and focus on the JSON flow. > > > > Please correct anything I get wrong. > > > > The openID Connect defines a relation of > http://openid.net/specs/connect/issuer > > > > WF allows for a JSON host-meta that takes two parameters, "resource" and > "rel" > > > > An example request and response (line-brakes for readability) > > > > GET /.well-known/host-meta.json > > ?resource=joe@example.com > > &rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer > HTTP/1.1 > > Host: example.com > > > > HTTP/1.1 200 OK > > > > Access-Control-Allow-Origin: * > > Content-Type: application/json; charset=UTF-8 > > > > { > > "subject" : "joe@example.com", > > "links" : > > [ > > { > > "rel" : "http://openid.net/specs/connect/issuer", > > "href" : "https://server.example.com" > > } > > ] > > } > > > > If the host can't support rewrite rules or scripts the exchange would look > like: > > > > GET /.well-known/host-meta.json > > ?resource=joe@example.com > > &rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer > HTTP/1.1 > > Host: example.com > > > > HTTP/1.1 200 OK > > Access-Control-Allow-Origin: * > > Content-Type: application/json; charset=UTF-8 > > { > > "expires" : "2012-03-13T20:56:11Z", > > "links" : > > [ > > { > > "rel" : "lrdd", > > "type" : "application/json", > > "template" : > > "https://example.com/lrdd/?format=json&resource={uri}" > > } > > > > GET /lrdd/ > > ?format=json > > &resource=joe@example.com > > Host: example.com > > > > HTTP/1.1 200 OK > > > > Access-Control-Allow-Origin: * > > Content-Type: application/json; charset=UTF-8 > > > > { > > "subject" : "joe@example.com", > > "links" : > > [ > > { > > "rel" : "http://openid.net/specs/connect/issuer", > > "href" : "https://server.example.com" > > }, > > { > > "rel" : "http://webfinger.net/rel/avatar", > > "href" : "http://example.com/~joe/joe.jpg" > > } > > > > ] > > } > > > > I can't find a template parameter for "rel". The host-meta spec allows for > extension but it is missing. > > > > What if the server wants to support filtering on rel but can't support it in > the root for some reason? > > > > Is it possible to have a template like: > > "https://example.com/lrdd/?format=json&resource={uri}&rel={rel}" > > > > That simple addition may solve a number of problems for openID. > > > > John B. > > > > > >
- Re: [apps-discuss] WF flow with rel parameter Paul E. Jones
- [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Paul E. Jones
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Paul E. Jones
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Paul E. Jones
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer
- Re: [apps-discuss] WF flow with rel parameter John Bradley
- Re: [apps-discuss] WF flow with rel parameter Eran Hammer