Redirect on YADIS ID de-reference?

Martin Atkins mart at degeneration.co.uk
Fri Nov 25 00:17:51 PST 2005


Mark Rafn wrote:
> On Thu, 24 Nov 2005, Martin Atkins wrote:
> 
>> While this is not directly relevant, OpenID specifies that the
>> "Permanent Redirect" response code act as a kind of canonicalizer for
>> the identity URL. If the user enters http://frank.livejournal.com/ and
>> gets back a redirect to http://www.franknet.com/ an OpenID consumer must
>> behave as if the user had originally entered http://www.franknet.com/,
>> including the display of the user's identity.
> 
> 
> Woah.  I didn't read any requirement nor recommendation that the
> canonicalized identity be used for display.  I argue that the claimed
> identity (pre-canonicalization) is what the user will usually prefer.
> Better, of course, would be for a consumer to keep display name completely
> separate from authentication, and allow me to display "Dagon", with a
> claimed identity "dagon.net" and a canonical identity URL
> http://www.dagon.net/".
> 
> Some consumers will choose to display claimed identity (LiveJournal does
> today). I hope that none will choose to display canonicalized identity.

The intention of this requirement in OpenID is to allow for URL
canonicalization so that the user can enter (for example)
idsite.com/fred and have the server canonicalize it to
http://www.idsite.com/fred/ if appropriate. It's an acknowledgement that
users don't want to type in whole, canonical URLs and yet canonical URLs
are important for matching users from session to session and inter-site.

OpenID defined the display name as "out of scope" since it's profile
exchange. YADIS will now address this by allowing consumers to discover
that an OpenID identity also supports LID profile exchange.



More information about the yadis mailing list