Proposal: consumer sends special openid.server discovery header
URL/arg
Brad Fitzpatrick
brad at danga.com
Thu May 19 15:46:44 PDT 2005
Big sites (say, LiveJournal) have many layers of HTTP proxies and servers.
Anything that can stop a request early and not pass it down to lower
layers is great.
For example, our userpic URLs never change, so if we see a
If-Modified-Since request on any of them, our upstream load balancers can
reply with a not modified and avoid about 3 or more layers of servers and
proxies.
With all the auto-discovery of openid.server <link> tags that will
be happening, I'd like the major players (both consumers and servers) to
agree on one of the following two "hints" that the GET request being made
is only being done to get the openid.server value.
Either:
1) New URL argument:
GET /users/brad/?openid.hint=find_server
Host: www.livejournal.com
or:
2) New HTTP header:
GET /users/brad/
Host: www.livejournal.com
X-OpenID-Hint: find_server
The former has the advantage that it doesn't mess with caches, and it'll
show up in people's access logs by default. It's probably my preference,
now that I think about it.
I'm throwing out the second just for a possibly less-intrusive
alternative. It won't break caches if people send Pragma: no-cache and/or
Cache-Control headers back when they use X-OpenID-Hint to send alternative
content.
or maybe:
3) Accept:, Accept-Language: ? Both don't feel exactly right, but at
least it'd be closer to a spec.
Thoughts?
More information about the yadis
mailing list