Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)
Melvin Carvalho <melvincarvalho@gmail.com> Thu, 19 April 2012 21:13 UTC
Return-Path: <melvincarvalho@gmail.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEC3721F84D5; Thu, 19 Apr 2012 14:13:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.508
X-Spam-Level:
X-Spam-Status: No, score=-3.508 tagged_above=-999 required=5 tests=[AWL=0.090, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iJPwgeUth906; Thu, 19 Apr 2012 14:13:19 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id 653C621F84C4; Thu, 19 Apr 2012 14:13:19 -0700 (PDT)
Received: by vcbfo1 with SMTP id fo1so2432711vcb.31 for <multiple recipients>; Thu, 19 Apr 2012 14:13:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=xSw4icn76uXzdSvGS28TtX/oUs9ohqRG0lMdEFQsqM0=; b=G85dqAmbRtEg6JlSQC6tJzYGLS0X++XniEQigbjJlOIr679nNwRMenaTXz66wcnmRD diH4ca218Aqvq5+e+QVIeNRRyiC9l6QLMNYwzQOxYYwWvpJqCUXDWXcT7ekTS4hOGAsS 1YQOvlI6PSENR6TKDmKNcsQtfsSS72heAG0Lo2yjDRqK4mXANFj0lkhnsOB8NFUN0mWv jZFkUm3wG45twBEUGd84/eBsEM9EM/b3xWL2xso/1Ju02mi3uGZmTiVkvkiANDXv8omx DCwjpXTz9z0V7efETCQI8uWzCyLXszFRN8vuX151zZSFmBVsftcWeeH6tirrPgI39R3/ SaSw==
MIME-Version: 1.0
Received: by 10.52.95.147 with SMTP id dk19mr1561835vdb.106.1334869998839; Thu, 19 Apr 2012 14:13:18 -0700 (PDT)
Received: by 10.52.70.98 with HTTP; Thu, 19 Apr 2012 14:13:18 -0700 (PDT)
In-Reply-To: <CAKaEYhL35F7c5_DRzjKv1xFhU452DqNZFQeigMqtYXAUMb=H0A@mail.gmail.com>
References: <423611CD-8496-4F89-8994-3F837582EB21@gmx.net> <4F8852D0.4020404@cs.tcd.ie> <9452079D1A51524AA5749AD23E0039280EFE8D@exch-mbx901.corp.cloudmark.com> <sjm1unn338j.fsf@mocana.ihtfp.org> <9452079D1A51524AA5749AD23E0039280FACC3@exch-mbx901.corp.cloudmark.com> <4E1F6AAD24975D4BA5B168042967394366490B2A@TK5EX14MBXC284.redmond.corp.microsoft.com> <0CBAEB56DDB3A140BA8E8C124C04ECA2FF1C6A@P3PWEX2MB008.ex2.secureserver.net> <CAKaEYhL35F7c5_DRzjKv1xFhU452DqNZFQeigMqtYXAUMb=H0A@mail.gmail.com>
Date: Thu, 19 Apr 2012 23:13:18 +0200
Message-ID: <CAKaEYh+kA69UVY_2spLgjqBvx5Xan1Sz-_jU-BEnV=NsbEpZ-g@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Eran Hammer <eran@hueniverse.com>
Content-Type: multipart/alternative; boundary="20cf3071d0b61a281104be0ea4dd"
Cc: "oauth@ietf.org WG" <oauth@ietf.org>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web Discovery (SWD)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Apr 2012 21:13:21 -0000
On 19 April 2012 23:12, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > > > On 19 April 2012 20:26, Eran Hammer <eran@hueniverse.com> wrote: > >> #1 as John Panzer identified, allowing the server to control its >> deployment and supporting HTTP redirects is critical. >> > > +1 > > >> #2 JSON is better, which one is required is less of on issue but more of >> a best practices item. >> > > Happy with this comment, and a +1 for JSON only > > >> >> I'll add: >> >> * Highly cachable >> > > +1 tho I think most CSN dont cache a 303 redirect > Apologies CSN should read CDN > > >> * Optimize for large providers, reducing the need to make repeated >> requests when the information is mostly following a template on the server >> side >> > > +1 > > >> * Ability to provide discovery on resources, not users or any other >> subset (emails, etc.) >> > > There's a subtlety here and that's the difference in HTML between "rel" > and "rev". > > A forward or reverse lookup. Forward is a natural way to look things up, > eg you give a URL and you get a document. But something like google search > is actually a reverse index, you give it words and you get back URLs for > documents. Initially hard to get your head round, but in practice can be > incredibly practical and useful. > > Given a triple such as (subject verb object) > > <acct:user@host> email <mailto:user@host> > > Is your lookup based on the subject (WF) or the object (SWF)? > > If subject then you need something there. However, it need not be an > acct: URI > > It could be a URN eg > > urn:acct:user@host (no new uri scheme needed) > > it could be a relative URI such as > > <#> (which facebook do) > > This indicates a pointer to the top of the document > > It can even be blank > > <> > > The so-called 'blank node' in the linked data world, but then you're more > reliant on a query language, such as SPARQL. > > I'm sure I havent covered every possibility. > > OR you can key off the Object > > <anything> email <mailto:user@host> > > then return all key values assoicated with <anything> which would be in > the @subject position in the case of XRD/JRD or the @id position in the > case of something like JSON LD > > It's quite confusing but essentially you are asking two very different > things: > > 1) Give me all information where the subject is acct:user@host > > Which also means having to create a mapping, and educating every system > what the subject of their email (or xmpp/sip/tel/twitter account) should > be. A potentially big task. Im not saying it's wrong, but IMHO this is > potentially big enough to fill a whole other standards document in itself. > > or > > 2) Give me all information for the user with email mailto:user@host > > Non disruptive > > I'm sorry If i have not explained this very well, but the difference > between rev and rel confuses a lot of confusion in HTML, and that's > essentially the subtlety here (forward vs reverse lookup) > > >> * Security agnostic - leave it to HTTP, TLS, OAuth, etc. >> > > +1 > > >> * HTTP compliant - doesn't invent it's own rediretion menthods or custom >> headers, etc. >> > > +1 > > >> >> EH >> >> > -----Original Message----- >> > From: oauth-bounces@ietf.org [mailto:oauth-bounces@ietf.org] On Behalf >> > Of Mike Jones >> > Sent: Thursday, April 19, 2012 9:49 AM >> > To: Murray S. Kucherawy; oauth@ietf.org WG; Apps Discuss >> > Subject: Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web >> > Discovery (SWD) >> > >> > There are two criteria that I would consider to be essential >> requirements for >> > any resulting general-purpose discovery specification: >> > >> > 1. Being able to always discover per-user information with a single GET >> > (minimizing user interface latency for mobile devices, etc.) >> > >> > 2. JSON should be required and it should be the only format required >> > (simplicity and ease of deployment/adoption) >> > >> > SWD already meets those requirements. If the resulting spec meets those >> > requirements, it doesn't matter a lot whether we call it WebFinger or >> Simple >> > Web Discovery, but I believe that the requirements discussion is >> probably >> > the most productive one to be having at this point - not the starting >> point >> > document. >> > >> > -- Mike >> > >> > -----Original Message----- >> > From: apps-discuss-bounces@ietf.org [mailto:apps-discuss- >> > bounces@ietf.org] On Behalf Of Murray S. Kucherawy >> > Sent: Thursday, April 19, 2012 9:32 AM >> > To: oauth@ietf.org WG; Apps Discuss >> > Subject: Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web >> > Discovery (SWD) >> > >> > By all means people should correct me if they think I'm wrong about >> this, but >> > so far from monitoring the discussion there seems to be general support >> for >> > focusing on WebFinger and developing it to meet the needs of those who >> > have deployed SWD, versus the opposite. >> > >> > Does anyone want to argue the opposite? >> > >> > -MSK, appsawg co-chair >> > >> > _______________________________________________ >> > apps-discuss mailing list >> > apps-discuss@ietf.org >> > https://www.ietf.org/mailman/listinfo/apps-discuss >> > >> > >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth >> _______________________________________________ >> apps-discuss mailing list >> apps-discuss@ietf.org >> https://www.ietf.org/mailman/listinfo/apps-discuss >> > >
- [OAUTH-WG] Web Finger vs. Simple Web Discovery (S… Hannes Tschofenig
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Michiel de Jong
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Stephen Farrell
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Igor Faynberg
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Eran Hammer
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Igor Faynberg
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Mike Jones
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Blaine Cook
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Mike Jones
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Stephen Farrell
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Melvin Carvalho
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… William Mills
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Blaine Cook
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Mike Jones
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Eran Hammer
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Melvin Carvalho
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… John Bradley
- Re: [OAUTH-WG] Web Finger vs. Simple Web Discover… Pelle Wessman
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Kevin Marks
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Blaine Cook
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Dick Hardt
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… William Mills
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Panzer
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Murray S. Kucherawy
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Igor Faynberg
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Eran Hammer
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Torsten Lodderstedt
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- [OAUTH-WG] R: [apps-discuss] Web Finger vs. Simpl… Goix Laurent Walter
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… George Fletcher
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Melvin Carvalho
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… William Mills
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Julian Reschke
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Gonzalo Salgueiro
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… John Bradley
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Stephen Farrell
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Tim Bray
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… SM
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Daniel Renfer
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Mike Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Bob Wyman
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Martin J. Dürst
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Derek Atkins
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Paul E. Jones
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Kevin Marks
- Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simp… Michael Thomas