Precedence of YADIS information sources

Johannes Ernst at
Sun Jan 22 20:25:05 UTC 2006

This discussion has been going back and forth between a few people a
few times; I think we should have it on the list.

The basic question is: what if a Relying Party obtains a response  
from an identity URL that indicates two different YADIS documents for  
the same URL, and those documents are inconsistent. It could be:

1) The response contains an X-YADIS-Location header in the HTTP  
header, and an X-YADIS-Location in the http-equiv attribute in the  
HTML, and they point to different YADIS files.

2) My query was for the xrds+xml content type, and I got back what I  
asked for, but the response also contains an X-YADIS-Location HTTP  
header, which points to a file that has different content.

What should we do in this case?

Argument A: The X-YADIS-Location HTTP header is where we really want  
to convey the information, all others are workarounds. Therefore, if  
an X-YADIS-Location header is present, all other sources of YADIS  
information shall be ignored.

Argument B: The user runs their identity URL at a service provider  
who has automatically switched on the X-YADIS-Location header for all  
their users. But our user does not like the YADIS information that  
the service provider serves; they want something else. Therefore,  
they use the http-equiv mechanism, hoping to override the
X-YADIS-Location HTTP header. Therefore, the X-YADIS-Location header is only
used when no other YADIS information is present.

There are probably variations of this theme, but you get the gist of
the problem.

I recall that the W3C specs say that HTTP headers have precedence  
over http-equiv information -- however, I seem to recall that many  
people implement it the other way around for reasons similar to  
Argument B.

Which should we pick for YADIS? I believe in our in-person meeting we  
said it was going to be Argument A.

Johannes Ernst
NetMesh Inc.
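
The following is an added example, not part of the original post or of any YADIS implementation: a Relying Party-side sketch that collects every YADIS source offered by a single response (cases 1 and 2 above), reports whether they name different documents, and picks one under Argument A or Argument B. The function names, the sample hosts and the response are constructed for illustration, and `application/xrds+xml` is assumed as the full name of the xrds+xml content type.

```python
from html.parser import HTMLParser

NAME = "x-yadis-location"

class MetaFinder(HTMLParser):
    """Records the first <meta http-equiv="X-YADIS-Location" content=...>."""
    location = None
    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == NAME and not self.location:
            self.location = a.get("content", "").strip() or None

def yadis_sources(url, headers, body):
    """Map each mechanism present in one response to the document it names."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    found = {}
    if h.get(NAME):
        found["http-header"] = h[NAME]
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype == "application/xrds+xml":
        found["document-body"] = url      # case 2: the body itself is the document
    else:
        finder = MetaFinder()
        finder.feed(body)
        if finder.location:
            found["http-equiv"] = finder.location   # case 1
    return found

def choose(found, policy):
    """Policy 'A': the header wins. Policy 'B': the header is only a fallback.
    Also reports whether the sources name different documents."""
    others = [m for m in found if m != "http-header"]
    order = ["http-header"] + others if policy == "A" else others + ["http-header"]
    picked = next((found[m] for m in order if m in found), None)
    return picked, len(set(found.values())) > 1

# Constructed sample response for case 1 (hypothetical hosts).
URL = "https://alice.example/"
HEADERS = {"Content-Type": "text/html; charset=utf-8",
           "X-YADIS-Location": "https://provider.example/yadis/alice.xrds"}
BODY = ('<html><head><meta http-equiv="X-YADIS-Location" '
        'content="https://alice.example/my.xrds"></head><body></body></html>')

if __name__ == "__main__":
    found = yadis_sources(URL, HEADERS, BODY)
    for policy in ("A", "B"):
        print(policy, choose(found, policy))
```

The second return value only says that the sources point at different locations; deciding whether the documents themselves are inconsistent still requires fetching and comparing them.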

