Question: Yadis Service URIs in the OpenID Auth case
David Fuelling
sappenin at gmail.com
Thu Aug 24 14:30:13 UTC 2006
> -----Original Message-----
> From: yadis-bounces at lists.danga.com [mailto:yadis-bounces at lists.danga.com]
> On Behalf Of Johannes Ernst
> Sent: Wednesday, August 23, 2006 8:54 PM
> To: OpenID Discussion
> Subject: Question: Yadis Service URIs in the OpenID Auth case
>
> Assume I'm doing Yadis discovery in the context of OpenID
> Authentication. I'm finding a Yadis file that specifies OpenID Auth
> as a service type, and lists 2 service URIs for that service type
> (version the same and all, but different priorities)
>
> Am I correct that it would be false to assume that:
> - the two service URIs reside on the same server;
> - are maintained by the same organization;
> - use the same negotiated D-H secret (aka I negotiate with one
> service URI, but successfully use it with the other), even if they
> are very similar URIs.
[df] Is there something inherent to OpenID that mandates your 3
assumptions? If an organization is advertising a single Yadis <service>
that has 2 different URI's (version the same, except different priorities),
shouldn't we assume that the 2 URI's DO actually point to the same service?
If not, then why even use the priority attribute -- instead it would seem to
make sense to put the two URI's into separate <Services>.
In addition, whether each Service URI points to the same server (physically)
or is maintained by the same organization seems to be a moot point, so long
as all of the servers in a given "service" are talking to each other,
provide the same underlying functionality, and thus use the same D-H
secret).
Does OpenId place some assumptions/restrictions onto Yadis that I'm not
aware of? Or, am I conceiving of how Yadis works in the wrong way?
Thanks!
David
More information about the yadis
mailing list