Blaine,
Your issues were not ignored, but I do not think there was consensus one
way or the other on them. Your points were:
1) Recommendation to use JSON only
2) A question about what the JSON format would look like
3) Direct vs. indirect queries (i.e., whether to use resource parameter)
I replied to each of these and others commented on parts, too. My opinions:
1) Given that RFC 6415 already specifies use of XML and is only months
old, I hesitate to demand that only XML be used. Further, it's trivial
for the server to do both. The client will be able to use whatever it
prefers. I can be convinced to drop XML, but I think we should make
this decision carefully and with everyone in agreement.
2) I suggested we use JRD since it is defined. Was there any
disagreement on that?
3) This issue is a point where there was clear division. The OpenID
Connect team wants to be able to issue a single query and get a reply.
You had an interest to use a static server. I investigated how we could
do both. If one used Apache, for example, one could build a static site
and still support the resource URI. Here's a couple of ways to do it:
http://www.packetizer.com/webfinger/server.html (using either .htaccess
or the global config file). What cannot be accomodated is the "rel"
parameter, but I'd guess static sites will not produce voluminous
results, anyway.
So, it's not accurate to say your issues were ignored. We simply did
not have strong consensus one way or the other. There were strong
opinions on (3), so I tried to find a solution that might be
acceptable. We may need more discussion on all of these points, of course.
Paul
On 5/8/2012 2:40 AM, Blaine Cook wrote:
I disagree that the current spec is a good starting point - the issues
I've raised have been ignored, and the spec is now much more
complicated from both sides of the implementation fence.
On May 7, 2012 3:17 PM, "Paul E. Jones" <pau...@packetizer.com
<mailto:pau...@packetizer.com>> wrote:
Walter,
I'm not sure what the full set of issues will be, but I only have
a couple of small edits queued for -05 at present (one being
"template" should be "href" in the example at the end of 4.2 that
you pointed out to me privately). We've already worked through a
number of issues to get to this point, so there may not be a lot
of changes needed. I'll not dismiss the possibility that there
are editorial issues, but I hope we've resolved most of the
technical details.
We probably still need to have the discussion of keeping CORS and
what additions are needed to the security section. We've made a
few changes there already, but I'm not sure if it still fully
addresses some of the privacy concerns.
Paul
On 5/7/2012 5:37 AM, Goix Laurent Walter wrote:
I also support this draft as a way forward for the discussion
that I think captures the essence of both philosophies.
If such basis is agreed what are the major pending issues?
Regards
Laurent-walter
*Da:*apps-discuss-boun...@ietf.org
<mailto:apps-discuss-boun...@ietf.org>
[mailto:apps-discuss-boun...@ietf.org] *Per conto di *Gonzalo
Salgueiro (gsalguei)
*Inviato:* venerdì 4 maggio 2012 21.50
*A:* Murray S. Kucherawy
*Cc:* oauth@ietf.org <mailto:oauth@ietf.org>;
apps-disc...@ietf.org <mailto:apps-disc...@ietf.org>
*Oggetto:* Re: [apps-discuss] draft-jones-appsawg-webfinger-04
I support this doc being adopted as starting point for WG discussion.
Regards,
Gonzalo
On May 4, 2012, at 3:03 PM, "Murray S. Kucherawy"
<m...@cloudmark.com <mailto:m...@cloudmark.com>> wrote:
The above-named draft has been offered as the recommended
path forward in terms of converging on a single document to
advance through appsawg. The conversation I saw this week in
that regard has seemed mostly positive.
Please review it, or at least the diff, and indicate your
support or objection on apps-disc...@ietf.org
<mailto:apps-disc...@ietf.org> to adopting this one as the
common path forward. We would like to make a decision about
which one to begin advancing in the next week or two.
Have a good weekend!
-MSK, APPSAWG co-chair
_______________________________________________
apps-discuss mailing list
apps-disc...@ietf.org <mailto:apps-disc...@ietf.org>
https://www.ietf.org/mailman/listinfo/apps-discuss
_______________________________________________
OAuth mailing list
OAuth@ietf.org <mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
