Kudos for bringing this up! imho, "speccers gonna spec" and it's impossible to stop overlapping specs from showing up all the time. we'll have to live with the existence of multiple standards.
Clients will just have to stand above whatever political reasons lie behind them, and support both, just like DVD players often play like 8 different types of disc formats. We'll just have to query both, and merge the information we find. There are three important points regarding the differences between them, imho: - webfinger mentions CORS, meaning that unlike swd it can be queried by unhosted html5 apps, and not just server-to-server. - swd mentions 401 responses, meaning that unlike webfinger, it can be used to announce information to a limited audience, and not just public data. - webfinger starts at /.well-known/host-meta but swd starts at /.well-known/simple-web-discovery, meaning a relying party will have to choose which one to check first, and then check the other one in case additional information lurks there. It would be nice if at least that part could be reconciled. E.g. if swd requires providers to (also) be discoverable through host-meta. That way there's one entry point for both formats. Wouldn't that be nice? My 2ct, Michiel. On Thu, Apr 12, 2012 at 1:00 PM, Hannes Tschofenig <hannes.tschofe...@gmx.net> wrote: > Hi all, > > those who had attended the last IETF meeting may have noticed the ongoing > activity in the 'Applications Area Working Group' regarding Web Finger. > We had our discussion regarding Simple Web Discovery (SWD) as part of the > re-chartering process. > > Here are the two specifications: > http://tools.ietf.org/html/draft-jones-appsawg-webfinger-03 > http://tools.ietf.org/html/draft-jones-simple-web-discovery-02 > > Now, the questions that seems to be hanging around are > > 1) Aren't these two mechanisms solving pretty much the same problem? > 2) Do we need to have two standards for the same functionality? > 3) Do you guys have a position or comments regarding either one of them? > > Ciao > Hannes > > PS: Please also let me know if your view is: "I don't really know what all > this is about and the documents actually don't provide enough requirements to > make a reasonable judgement about the solution space." > > > > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
