Re: [apps-discuss] Aggregated service discovery

Cyrus Daboo <> Wed, 23 May 2012 18:25 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 65CA721F8713 for <>; Wed, 23 May 2012 11:25:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id R6SL9uAE-6Tu for <>; Wed, 23 May 2012 11:25:30 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 81E3A21F86FF for <>; Wed, 23 May 2012 11:25:28 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 500C327CC124; Wed, 23 May 2012 14:25:28 -0400 (EDT)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ynuBFrn+HAu8; Wed, 23 May 2012 14:25:26 -0400 (EDT)
Received: from [] ( []) by (Postfix) with ESMTPSA id 6FDAA27CC118; Wed, 23 May 2012 14:25:25 -0400 (EDT)
Date: Wed, 23 May 2012 14:25:44 -0400
From: Cyrus Daboo <>
To: Michiel de Jong <>, Mark Nottingham <>
Message-ID: <516247AC74FF27E89F0D40EC@cyrus.local>
In-Reply-To: <>
References: <64C6DF43A866F40437AF4CC3@cyrus.local> <> <>
X-Mailer: Mulberry/4.1.0a3 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; size="1384"
Subject: Re: [apps-discuss] Aggregated service discovery
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 23 May 2012 18:25:30 -0000

Hi Michiel,

--On May 23, 2012 10:33:34 AM +0000 Michiel de Jong <> 

> But the first starting point should always be public, on
> /.well-known/host-meta and with CORS headers on there. Even if it's
> just to say "nothing to see here unless you can give me credentials of
> type X" (IMO, OAuth end-point discovery can itself serve here as a
> syntax for expressing that, although i think announcing
> credentials-requirements is still a relatively under-explored part of
> discovery best practices).

Efficiency is one of the key goals for this. If the ASD ("aggregated 
service discovery") app has to follow multiple links then the benefit 
rapidly decreases over simply using the current per-service mechanisms. I 
do recognize that there may be a need to do that (e.g., services whose 
administration is delegated within a domain) but it would really be better 
to get all the required information in a single request. The other aspect 
of that is also avoiding getting redundant information. The ASD app may 
well know precisely which services it can support so being able to have the 
query filtered for just those would be good to avoid extraneous information 
being sent in a large document.

Whilst host-meta might be a jumping off point for this, its worth 
remembering that we are dealing with more than just "web" services here.

Cyrus Daboo