Thursday, May 15, 2008

XRDS for Information Cards?

One of the topics that came up at the most recent IIW (IIW2008a) in a couple of sessions, is the concept of allowing an RP/SP to describe it's services and requirements in a passive way. The goal being to allow "Identity Agents" to provide a progressively better user experience. A user should be able to interact with the RP in a normal "dumb" browser session, but also allow tools (e.g. an Identity Agent) to provide a much more seamless experience.

In an InfoCard Capabilities session, lead by Pamela Dingle, there was some discussion about how to do this technically. The following is a proposal for one way this might be accomplished.

The "Relying Party" would need to...
  • define an XRDS file describing identity protocols supported, services provided, and other metadata
  • allow for discovery of the XRDS file through normal XRI resolution (section 6)
  • additionally allow for discovery by adding a
    <link rel=”xrds.metadata” target=”location-of-xrds-file”/>
    in the <head> section of the pages provided by the relying party

The "Identity Agent" would need to...
  • look in web page dom for the xrds.metadata link
  • retrieve and parse XRDS document
  • find supported identity mechanisms and endpoints
  • invoke card selector
  • allow user to select card
  • post card to endpoint specified in the XRDS document


What could the XRDS markup look like for an InfoCard relying party?

First we need to define some <Type> URIs to represent different metadata characteristics of the relying party relating to InfoCards. Here are some possible examples...

<Type>http://infocardfoundation.org/policy/1.0/login</Type>
This type identifies the service/endpoint describing the claims required for login.
<Type>http://infocardfoundation.org/policy/1.0/registration</Type>
This type identifies the service/endpoint describing the claims required for registration.
<Type>http://infocardfoundation.org/service/1.0/login</Type>
This type identifies the service/endpoint where the login token should be sent.
<Type>http://infocardfoundation.org/service/1.0/registration</Type>
This type identifies the service/endpoint where the registration token should be sent.


An example XRDS document could look like...

<?xml version=1.0 encoding=UTF-8?>
<XRDS xmlns=xri://$xrds>
<XRD xmlns=xri://$XRD*($v*2.0) version=2.0>
<Type>xri://$xrds*simple</Type>
<!-- Service specification that identifies the endpoint of the infocard policy for login claims -->
<Service>
<Type>http://infocardfoundation.org/policy/1.0/login</Type>
<URI>http://sp.example.com/policy/login.xml</URI>
</Service>
<!-- Service specification that identifies the endpoint of the infocard policy for registration claims -->
<Service>
<Type>http://infocardfoundation.org/policy/1.0/registration</Type>
<URI>http://sp.example.com/policy/registration.xml</URI>
</Service>
<!-- Service specification that identifies the endpoint for submitting login claims -->
<Service>
<Type>http://infocardfoundation.org/service/1.0/login</Type>
<URI>http://sp.example.com/login</URI>
</Service>
<!-- Service specification that identifies the endpoint of the infocard policy for login claims -->
<Service>
<Type>http://infocardfoundation.org/service/1.0/registration</Type>
<URI>http://sp.example.com/registration</URI>
</Service>
</XRD>
</XRDS>

Thursday, May 08, 2008

How times change

I must be getting "old" as I find the following humorous.

The other morning my daughter said she was doing a report on "family life" in the 1980's. My wife (who likes to research things) grabbed her laptop and started looking information on the 1980s. She finds a site and reads something like...

In the early 80's, the computer game "Pac Man" was released in color making all previous black and white games obsolete.


To which my daughter responds... "What's Pac Man?"

Friday, May 02, 2008

Community Convergence

There has been much talk in our industry about Technical Convergence (i.e. moving toward one protocol for a particular task). However, before there can be Technical Convergence, there needs to Community Understanding and potentially Convergence.

That's why I'm excited to be attending the Internet Identity Workshop in Mt. View, CA the week of May 12. This is one of those places where Community Understanding takes place and sometimes even Community Convergence.

Hope to see you there!