On 19 April 2012 23:12, Melvin Carvalho <melvincarva...@gmail.com> wrote:
> > > On 19 April 2012 20:26, Eran Hammer <e...@hueniverse.com> wrote: > >> #1 as John Panzer identified, allowing the server to control its >> deployment and supporting HTTP redirects is critical. >> > > +1 > > >> #2 JSON is better, which one is required is less of on issue but more of >> a best practices item. >> > > Happy with this comment, and a +1 for JSON only > > >> >> I'll add: >> >> * Highly cachable >> > > +1 tho I think most CSN dont cache a 303 redirect > Apologies CSN should read CDN > > >> * Optimize for large providers, reducing the need to make repeated >> requests when the information is mostly following a template on the server >> side >> > > +1 > > >> * Ability to provide discovery on resources, not users or any other >> subset (emails, etc.) >> > > There's a subtlety here and that's the difference in HTML between "rel" > and "rev". > > A forward or reverse lookup. Forward is a natural way to look things up, > eg you give a URL and you get a document. But something like google search > is actually a reverse index, you give it words and you get back URLs for > documents. Initially hard to get your head round, but in practice can be > incredibly practical and useful. > > Given a triple such as (subject verb object) > > <acct:user@host> email <mailto:user@host> > > Is your lookup based on the subject (WF) or the object (SWF)? > > If subject then you need something there. However, it need not be an > acct: URI > > It could be a URN eg > > urn:acct:user@host (no new uri scheme needed) > > it could be a relative URI such as > > <#> (which facebook do) > > This indicates a pointer to the top of the document > > It can even be blank > > <> > > The so-called 'blank node' in the linked data world, but then you're more > reliant on a query language, such as SPARQL. > > I'm sure I havent covered every possibility. > > OR you can key off the Object > > <anything> email <mailto:user@host> > > then return all key values assoicated with <anything> which would be in > the @subject position in the case of XRD/JRD or the @id position in the > case of something like JSON LD > > It's quite confusing but essentially you are asking two very different > things: > > 1) Give me all information where the subject is acct:user@host > > Which also means having to create a mapping, and educating every system > what the subject of their email (or xmpp/sip/tel/twitter account) should > be. A potentially big task. Im not saying it's wrong, but IMHO this is > potentially big enough to fill a whole other standards document in itself. > > or > > 2) Give me all information for the user with email mailto:user@host > > Non disruptive > > I'm sorry If i have not explained this very well, but the difference > between rev and rel confuses a lot of confusion in HTML, and that's > essentially the subtlety here (forward vs reverse lookup) > > >> * Security agnostic - leave it to HTTP, TLS, OAuth, etc. >> > > +1 > > >> * HTTP compliant - doesn't invent it's own rediretion menthods or custom >> headers, etc. >> > > +1 > > >> >> EH >> >> > -----Original Message----- >> > From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf >> > Of Mike Jones >> > Sent: Thursday, April 19, 2012 9:49 AM >> > To: Murray S. Kucherawy; oauth@ietf.org WG; Apps Discuss >> > Subject: Re: [OAUTH-WG] [apps-discuss] Web Finger vs. Simple Web >> > Discovery (SWD) >> > >> > There are two criteria that I would consider to be essential >> requirements for >> > any resulting general-purpose discovery specification: >> > >> > 1. Being able to always discover per-user information with a single GET >> > (minimizing user interface latency for mobile devices, etc.) >> > >> > 2. JSON should be required and it should be the only format required >> > (simplicity and ease of deployment/adoption) >> > >> > SWD already meets those requirements. If the resulting spec meets those >> > requirements, it doesn't matter a lot whether we call it WebFinger or >> Simple >> > Web Discovery, but I believe that the requirements discussion is >> probably >> > the most productive one to be having at this point - not the starting >> point >> > document. >> > >> > -- Mike >> > >> > -----Original Message----- >> > From: apps-discuss-boun...@ietf.org [mailto:apps-discuss- >> > boun...@ietf.org] On Behalf Of Murray S. Kucherawy >> > Sent: Thursday, April 19, 2012 9:32 AM >> > To: oauth@ietf.org WG; Apps Discuss >> > Subject: Re: [apps-discuss] [OAUTH-WG] Web Finger vs. Simple Web >> > Discovery (SWD) >> > >> > By all means people should correct me if they think I'm wrong about >> this, but >> > so far from monitoring the discussion there seems to be general support >> for >> > focusing on WebFinger and developing it to meet the needs of those who >> > have deployed SWD, versus the opposite. >> > >> > Does anyone want to argue the opposite? >> > >> > -MSK, appsawg co-chair >> > >> > _______________________________________________ >> > apps-discuss mailing list >> > apps-disc...@ietf.org >> > https://www.ietf.org/mailman/listinfo/apps-discuss >> > >> > >> > _______________________________________________ >> > OAuth mailing list >> > OAuth@ietf.org >> > https://www.ietf.org/mailman/listinfo/oauth >> _______________________________________________ >> apps-discuss mailing list >> apps-disc...@ietf.org >> https://www.ietf.org/mailman/listinfo/apps-discuss >> > >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
