Question: Yadis Service URIs in the OpenID Auth case

Gabe Wachob gabe.wachob at
Mon Aug 28 18:00:00 UTC 2006

> So, Gabe, if the meaning of the ProviderID element in a SEP is not defined
> by the XRI resolution spec, then were is it defined? By the SEP type?

I think so. 

And the reason is that we would have to get into definitional issues that I
don't think we want/need to get into - who is a 'provider'? Depends on the
service, doesn't it? For example, we already have some disagreement about
being able to assume things about shared secrets in OpenID and the scope of
that sharing and how that impacts how the endpoints are described. Shouldn't
it therefore be an OpenID decision to decide how services are advertised and
not an XRI-imposed requirement? An OpenID component will be the one
interpreting the service blocks anyway... so shouldn't OpenID define the
interpretation of these service blocks? 

> I'm open to a different opinion -- whatever we decide I think that XRI
> Resolution 2.0 Working Draft 11 should be unambiguous about who defines
> the
> meaning of the ProviderID element in a SEP.

I don't think ambiguity is the issue - I think it's an issue of whose
definition of service provider we are talking about and I'm humble enough to
fear being the one to define what a service provider is for anyone who might
possibly use XRI resolution or even just XRDs...


More information about the yadis mailing list