Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)
Mike Jones <Michael.Jones@microsoft.com> Fri, 20 April 2012 05:09 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB4EC21F8704; Thu, 19 Apr 2012 22:09:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.854
X-Spam-Level:
X-Spam-Status: No, score=-3.854 tagged_above=-999 required=5 tests=[AWL=-0.255, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J6p22CaNFdeB; Thu, 19 Apr 2012 22:09:56 -0700 (PDT)
Received: from ch1outboundpool.messaging.microsoft.com (ch1ehsobe002.messaging.microsoft.com [216.32.181.182]) by ietfa.amsl.com (Postfix) with ESMTP id B13AE21F86A7; Thu, 19 Apr 2012 22:09:52 -0700 (PDT)
Received: from mail124-ch1-R.bigfish.com (10.43.68.252) by CH1EHSOBE007.bigfish.com (10.43.70.57) with Microsoft SMTP Server id 14.1.225.23; Fri, 20 Apr 2012 05:09:51 +0000
Received: from mail124-ch1 (localhost [127.0.0.1]) by mail124-ch1-R.bigfish.com (Postfix) with ESMTP id AF0B82069F; Fri, 20 Apr 2012 05:09:51 +0000 (UTC)
X-SpamScore: -32
X-BigFish: VS-32(zz9371I542M1432Nzz1202hzz1033IL8275bhz2fh2a8h668h839h944hd25h)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14MLTC104.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail124-ch1: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14MLTC104.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail124-ch1 (localhost.localdomain [127.0.0.1]) by mail124-ch1 (MessageSwitch) id 1334898590187963_3162; Fri, 20 Apr 2012 05:09:50 +0000 (UTC)
Received: from CH1EHSMHS013.bigfish.com (snatpool1.int.messaging.microsoft.com [10.43.68.253]) by mail124-ch1.bigfish.com (Postfix) with ESMTP id 21235100045; Fri, 20 Apr 2012 05:09:50 +0000 (UTC)
Received: from TK5EX14MLTC104.redmond.corp.microsoft.com (131.107.125.8) by CH1EHSMHS013.bigfish.com (10.43.70.13) with Microsoft SMTP Server (TLS) id 14.1.225.23; Fri, 20 Apr 2012 05:09:49 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.73]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.02.0283.004; Fri, 20 Apr 2012 05:09:48 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Paul E. Jones" <paulej@packetizer.com>, "'Murray S. Kucherawy'" <msk@cloudmark.com>, "oauth@ietf.org" <oauth@ietf.org>, 'Apps Discuss' <apps-discuss@ietf.org>
Thread-Topic: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD)
Thread-Index: AQHNHqPloXuSZ0jfOECvbryHsEgTK5ajKa7Q
Date: Fri, 20 Apr 2012 05:09:48 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943664915EF@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <423611CD-8496-4F89-8994-3F837582EB21@gmx.net> <4F8852D0.4020404@cs.tcd.ie> <9452079D1A51524AA5749AD23E0039280EFE8D@exch-mbx901.corp.cloudmark.com> <sjm1unn338j.fsf@mocana.ihtfp.org> <9452079D1A51524AA5749AD23E0039280FACC3@exch-mbx901.corp.cloudmark.com> <4E1F6AAD24975D4BA5B168042967394366490B2A@TK5EX14MBXC284.redmond.corp.microsoft.com> <091401cd1ea3$e159be70$a40d3b50$@packetizer.com>
In-Reply-To: <091401cd1ea3$e159be70$a40d3b50$@packetizer.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.37]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Apr 2012 05:09:57 -0000
Currently, support for the "resource" parameter is optional, as per the following (correct?): Note that support for the "resource" parameter is optional, but strongly RECOMMENDED for improved performance. If a server does not implement the "resource" parameter, then the server's host metadata processing logic remains unchanged from RFC 6415. To truly support 1, this would need to be changed to REQUIRED, correct? -- Mike -----Original Message----- From: Paul E. Jones [mailto:paulej@packetizer.com] Sent: Thursday, April 19, 2012 8:16 PM To: Mike Jones; 'Murray S. Kucherawy'; oauth@ietf.org; 'Apps Discuss' Subject: RE: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web Discovery (SWD) Mike, > There are two criteria that I would consider to be essential > requirements for any resulting general-purpose discovery specification: > > 1. Being able to always discover per-user information with a single > GET (minimizing user interface latency for mobile devices, etc.) WF can do that. See: $ curl -v https://packetizer.com/.well-known/\ host-meta.json?resource=acct:paulej@packetizer.com > 2. JSON should be required and it should be the only format required > (simplicity and ease of deployment/adoption) See the above example. However, I also support XML with my server. It took me less than 10 minutes to code up both XML and JSON representations. Once the requested format is determined, the requested URI is determined, data is pulled from the database, spitting out the desired format is trivial. Note, and very important note: supporting both XML and JSON would only be a server-side requirement. The client is at liberty to use the format it prefers. I would agree that forcing a client to support both would be unacceptable, but the server? Nothing to it. > SWD already meets those requirements. If the resulting spec meets > those requirements, it doesn't matter a lot whether we call it > WebFinger or Simple Web Discovery, but I believe that the requirements > discussion is probably the most productive one to be having at this > point - not the starting point document. I believe WebFinger meets those requirements. We could debate whether XML should be supported, but I'll note (again) that it is there in RFC 6415. That document isn't all that old and, frankly, it concerns me that we would have a strong preference for format A one week and then Format B the next. We are where we are and I can see reason for asking for JSON, but no good reason to say we should not allow XML (on the server side). Paul
- [OAUTH-WG] Web Finger vs. Simple Web Discovery (S… Hannes Tschofenig
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Michiel de Jong
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Stephen Farrell
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Igor Faynberg
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Eran Hammer
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Igor Faynberg
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Mike Jones
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Blaine Cook
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Mike Jones
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Stephen Farrell
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Melvin Carvalho
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… William Mills
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Blaine Cook
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Mike Jones
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Eran Hammer
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Melvin Carvalho
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Pelle Wessman
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Kevin Marks
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Blaine Cook
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Dick Hardt
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… William Mills
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Panzer
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Igor Faynberg
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Eran Hammer
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Torsten Lodderstedt
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- [OAUTH-WG] R: [apps-discuss] Web Finger vs. Simpl… Goix Laurent Walter
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… George Fletcher
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… William Mills
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Julian Reschke
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Stephen Farrell
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… SM
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Daniel Renfer
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Bob Wyman
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Martin J. Dürst
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Kevin Marks
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas