Re: [apps-discuss] The acct: scheme question

John Bradley <> Thu, 24 May 2012 14:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8B10521F85FD for <>; Thu, 24 May 2012 07:27:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id TMwf3SLPGaLO for <>; Thu, 24 May 2012 07:27:25 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 7C79221F857D for <>; Thu, 24 May 2012 07:27:25 -0700 (PDT)
Received: by vcqp1 with SMTP id p1so1787004vcq.31 for <>; Thu, 24 May 2012 07:27:24 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=subject:mime-version:content-type:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to:x-mailer :x-gm-message-state; bh=TdYzYiMvb900aHUSv+YMZM/kVOh7ldHeE4c8xSa0+zU=; b=TrVABEOzH+s6JU1L4jEJWVRqp7eHWPKx6z4IrRjeU+6Giuftkh6nOUVkpqQkD8RKbA OTvqjgiSJS2qA90YeiIAq4+SRkwgQxw0mhWdJAtfsaPj1sNKNGfQp7PBgYugafKrLQr5 twGG0IBFNlmCrRPqxLv3x/LCmNutppp8+Ig5OVnMPOhLlxTioCdGCwRPkNe6GGo0N7JV Aawndqfbmd8+S1Y+7Vvzk2+NZRwy1KBl+nKLejcRJ5fX0Bq4y3sccHtkL/lXdRbs6uhE nDbA5eZZTdtvGCupw+ORPqeEy7XUZYofeHVbmBbn4nuTuu3uTbSi4MTH/9SrsX/XbLHr lfKA==
Received: by with SMTP id a6mr16043904vdf.37.1337869644716; Thu, 24 May 2012 07:27:24 -0700 (PDT)
Received: from [] ( []) by with ESMTPS id i19sm28133492vdt.18.2012. (version=TLSv1/SSLv3 cipher=OTHER); Thu, 24 May 2012 07:27:23 -0700 (PDT)
Mime-Version: 1.0 (Apple Message framework v1278)
Content-Type: text/plain; charset="us-ascii"
From: John Bradley <>
In-Reply-To: <058101cd39b6$02a28990$07e79cb0$>
Date: Thu, 24 May 2012 10:27:21 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <> <> <> <04f601cd3957$14ea4d90$3ebee8b0$> <> <058101cd39b6$02a28990$07e79cb0$>
To: "Paul E. Jones" <>
X-Mailer: Apple Mail (2.1278)
X-Gm-Message-State: ALoCoQlgWW1z54wuREvrioHnXVU4C2J3FaLtx9cUlIrocSIZGCdrsrrSw4YtwPRj6zaHGGvNt6+x
Cc: " Discuss" <>
Subject: Re: [apps-discuss] The acct: scheme question
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 24 May 2012 14:27:26 -0000

The question comes down to the same one that has been discussed in the past.

What to use as a abstract identifier for a user.

I am sympathetic to the use of acct:

However I have not been convinced that it belongs in WF directly.

Until acct: is an approved URI I am not keen to have openID Connect take a normative reference to it.

If the WG and the chairs decide to do it as one spec,  that will likely impact our decision to reference WF for discovery.

That is just a personal opinion and the Connect WG will need to take the decision.

John B.

On 2012-05-24, at 10:03 AM, Paul E. Jones wrote:

> Henry,
>> Paul E. Jones writes:
>>> The "acct" URI scheme has a narrow scope . . . I suspect appreciation
>>> for that URI scheme will grow with wider deployment of WebFinger,
>>> though.
>> I find those two statements bordering on the contradictory.  It is
>> precisely because if it does indeed turn out that acct: URIs address a
>> real need, they will 'leak' out of WF and into wider contexts (i.e.
>> "appreciation . . . will grow"), and so acct: needs review as such in the
>> normal way any new URI scheme needs review.
> It wasn't intended to be.  Several have said before that they do not like
> "acct" and prefer something else.  However, I think that is because "acct"
> is presently not widely deployed and the novelty concerns people.  It has
> been suggested, for example, to use the URI scheme "mailto" instead.  So, my
> intent was just to say that once "acct" is adopted for querying for a user's
> account information using "acct", people will appreciate it more than they
> do now.  I think back on the examples I've given where I feel "mailto" just
> isn't right because it relates to email and some of my accounts on the
> Internet have no relationship to email.
> That's not to say that "mailto" could not be used.  If the OpenID spec
> declared that was the URI to use, then that's what that protocol mandates
> and I'd have no objection to it.  What I'd like to see mailto used for,
> though, is to provide information to my mail client so it can be
> provisioned.  Someone referred to RFC 6186 as a way to do that, but that RFC
> only specifies what POP, IMAP, and SMTP servers to use globally.  Users are
> often clustered on certain machines and I'd personally like to see a link
> relation called "config-email" that has a URI that, when queried, would
> return JSON like this:
>  {
>    "imaps" : "",
>    "smtp-submission" : ""
>  }
> That link relation could be returned when querying for my account (via the
> "acct" URI), but if there was a document that defined mail
> auto-configuration, then it could specify the use of "mailto" and I believe
> that would be a perfectly good example of where "mailto:" would be more
> appropriate than "acct".
> The "acct" URI should be used to return a wide variety of information about
> a user's account.  I view it as information that is largely of interest to
> people other than the actual user.  That would include information like my
> contact list or my picture or other information.
> Anyway, we've discussed before that WebFinger can operate on a variety of
> URIs.  The one that should relate to the users account we put a stake in the
> ground and declare to be "acct".  If we want to specify other URIs for a
> subset of that information or instead of "acct" (e.g., mailto for mail
> configuration), that would be a reasonable thing to do.
> Paul