Re: [apps-discuss] Looking at Webfinger

John Bradley <ve7jtb@ve7jtb.com> Wed, 04 July 2012 19:56 UTC

To: Melvin Carvalho <melvincarvalho@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, Barry Leiba <barryleiba@computer.org>, IETF Apps Discuss <apps-discuss@ietf.org>

They are all separate identifiers and could resolve to different XRD/JRD.  It would be up to the provider to make the four identifiers return the same information.

Though examples 3 and 4 would at least share the same host-meta for resolution.

One unresolved problem is what happens in a hosted environment like Google apps.

If I have a domain like ve7jtb.com where I have pointed mail.ve7jtb.com, calendar.ve7jtb.com, and the MX records to Google.
I may have no web server for ve7jtb.com or have it pointed at some simple hosting service, that has no notion of WF.

How would Google provide WF and the services that rely on it to those hosted domains?

This is a real problem.   For OpenID 2.0 they asked the RP to check with a special Google service to see if it was hosted.
This potentially allows for the hijacking of the discovery information and might not be ideal for all protocols using WF.

The ideas that have circulated are:
1. Using SRV records.   Not all DNS services support SRV, and users will not configure them correctly (on the order of the experience with Google Apps XMPP config).
2. Using MX records.   Check the MX host if you can't find the host-meta.   This is more likely to be configurable, but ties acct: and WF to SMTP in a way that is not ideal.   Clients are also going to need to access DNS directly.
3. Use a special subdomain.   Check the host webfinger-discovery-home.ve7jtb.com if you can't find host-meta on the target host.   The downside is that it bends the principle of not stealing namespace.   The upside is that configuring an A record is something users can do, and it is easy for WF clients.

Solving this real world problem for WF is a high priority to be able to deploy it.

John B.
On 2012-07-04, at 3:05 PM, Melvin Carvalho wrote:

> 
> 
> On 4 July 2012 05:46, Murray S. Kucherawy <superuser@gmail.com> wrote:
> On Tue, Jul 3, 2012 at 1:17 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:
> There are existing deployments of WF.   Changes that lead to something incompatible with what is deployed
> are likely to receive more resistance, now that we have a WG draft.
> 
> Not that changes can't be made with rough consensus..
> 
> It may have been easier though to have had Mark and others comments before the WG draft. 
> That might have made it easier to have included some more of the SWD design.
> 
> 
> The fact that there's a WG draft now doesn't change what's been deployed.  These are two orthogonal points.
> 
> I (predictably) concur with Barry's statements about document evolution.  The working group could conceivably completely rewrite Webfinger at this point if it so chooses, as driven by consensus.  That includes applying all, some, or none of Mark's comments, for example.
> 
> If you have some changes you'd like to have the working group consider, the floor is open.
> 
> One question I've been thinking about.  Does the acct: scheme also apply to subdomains too, or just the parent domain, or only where an email exists?
> 
> For example, are the following four, equivalent ways to describe an account?
> 
> acct:bob@facebook.com
> acct:bob@www.facebook.com
> acct:bob@graph.facebook.com
> https://graph.facebook.com/bob
> 
>  
> 
> -MSK
> 
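The fallback chain sketched in John's message (direct host-meta on the target host, then an SRV record, then the MX host, then a reserved subdomain), written out as an added Python example. This is not code from the thread or from any WebFinger implementation. DNS and HTTP are stubbed with constructed in-memory tables so it runs offline; the SRV name _webfinger._tcp, the label webfinger-discovery-home, and every .example hostname are assumptions, not registered names.

```python
"""Discovery-host selection for acct: identifiers on hosted domains.

Added example. DNS answers and "does this host serve host-meta" are
constructed in-memory tables, not live lookups.
"""
from dataclasses import dataclass, field
from typing import Optional

SRV_SERVICE = "_webfinger._tcp"                # assumption: no such SRV name is registered
SUBDOMAIN_LABEL = "webfinger-discovery-home"   # assumption: the label floated in the thread
HOST_META_PATH = "/.well-known/host-meta"


def parse_acct(uri: str) -> tuple[str, str]:
    """Split 'acct:user@host' into (user, normalised host); reject anything else."""
    if not uri.startswith("acct:"):
        raise ValueError("not an acct: URI")
    user, sep, host = uri[len("acct:"):].rpartition("@")
    if not sep or not user or not host:
        raise ValueError("acct: URI must be acct:user@host")
    return user, host.lower().rstrip(".")


@dataclass
class Dns:
    """Constructed zone data keyed by owner name."""
    srv: dict[str, list[tuple[int, int, int, str]]] = field(default_factory=dict)  # (prio, weight, port, target)
    mx: dict[str, list[tuple[int, str]]] = field(default_factory=dict)             # (preference, host)
    a: dict[str, str] = field(default_factory=dict)                               # IPv4 literal


@dataclass
class Resolver:
    dns: Dns
    host_meta_hosts: frozenset[str]  # hosts that answer https://host/.well-known/host-meta

    def has_host_meta(self, host: str) -> bool:
        return host in self.host_meta_hosts

    def discovery_host(self, domain: str) -> Optional[tuple[str, str]]:
        """Return (method, host) for the first fallback the domain owner's own DNS authorises.

        Every step is gated on a record published in the target domain's zone, so a
        hosting provider cannot claim discovery for a domain it does not control.
        """
        if self.has_host_meta(domain):
            return "direct", domain
        # SRV targets in priority order (weighted random selection within a priority is skipped here).
        for _prio, _weight, _port, target in sorted(self.dns.srv.get(f"{SRV_SERVICE}.{domain}", [])):
            if self.has_host_meta(target):
                return "srv", target
        # MX hosts by preference; hosts that do not serve host-meta are skipped, not treated as errors.
        for _pref, mxhost in sorted(self.dns.mx.get(domain, [])):
            if self.has_host_meta(mxhost):
                return "mx", mxhost
        sub = f"{SUBDOMAIN_LABEL}.{domain}"
        if sub in self.dns.a and self.has_host_meta(sub):
            return "subdomain", sub
        return None

    def resolve(self, acct_uri: str) -> Optional[dict]:
        """Where to fetch host-meta for an acct: URI. The resource itself is never rewritten."""
        user, domain = parse_acct(acct_uri)
        found = self.discovery_host(domain)
        if found is None:
            return None
        method, host = found
        return {
            "method": method,
            "host_meta": f"https://{host}{HOST_META_PATH}",
            "resource": f"acct:{user}@{domain}",  # still the original identifier, not user@host
        }


def build_demo_resolver() -> Resolver:
    """Constructed sample zones: one domain per fallback, plus one with nothing configured."""
    dns = Dns(
        srv={f"{SRV_SERVICE}.srv-domain.example": [(10, 0, 443, "wf.hosting.example")]},
        mx={"hosted.example": [(10, "mx1.hosting.example"), (20, "mx2.hosting.example")]},
        a={f"{SUBDOMAIN_LABEL}.sub-domain.example": "192.0.2.10"},
    )
    serving = frozenset({
        "social.example",            # runs its own WF endpoint
        "wf.hosting.example",        # provider's dedicated WF host (SRV target)
        "mx2.hosting.example",       # only the second MX serves host-meta
        f"{SUBDOMAIN_LABEL}.sub-domain.example",
    })
    return Resolver(dns, serving)


if __name__ == "__main__":
    r = build_demo_resolver()
    for uri in ("acct:alice@social.example", "acct:bob@srv-domain.example",
                "acct:john@hosted.example", "acct:carol@sub-domain.example",
                "acct:dave@orphan.example"):
        print(uri, "->", r.resolve(uri))
```

Two properties are worth checking in any real client built on this shape. First, each fallback is authorised only by a record the domain owner publishes in their own zone (SRV, MX, or the A record for the reserved label); orphan.example gets no answer even though the provider's wf.hosting.example serves host-meta, which is the difference from the OpenID 2.0 "ask a special provider service" approach the message calls out as a hijacking risk. Second, the resource stays acct:user@original-domain while only the host that is asked changes, so delegating the fetch never turns acct:john@hosted.example into an identifier at the provider. Without DNSSEC the MX and SRV answers themselves are unauthenticated, so the TLS certificate of the delegated host is what actually binds the answer.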