XRDS for OpenID and Information Cards
Convener & Notes-taker: Axel Nennker
XRDS, Open ID, Information Cards
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
We should use XRDS (Simple) to let a RelyingParty/OpenIdConsumer/Resource/Service express its needs and the services it provides.
Something along these lines is describes here http://ignisvulpis.blogspot.com/2008/10/information-cards-with-xrds.html
* The relying party (https://xmldap.org/relyingparty/) provides a HTML LINK-rel element in the html code. * A browser extension finds the LINK element and downloads the XRDS document the LINK points to. * The browser extension looks for service types it is willing to support * In the case of Information Cards it retrieve the "policy" of the relyingparty * If the user now chooses to start the card selector the applicability of a card is governed by the RP policy. * After the security token has been generated it is send to the RP service endpoint listed in the XRDS document. This transfers the user's credentials/claims aka "security token" to the RP.
What we should agree on in this session is a set of XRDS types that are suitable for OpenId.
First here are the things for Information Cards:
* http://infocardfoundation.org/policy/1.0/login Describes where the policy can be retrieved. The scheme in the Uri part of this services SHOULD be https. * http://infocardfoundation.org/service/1.0/login Describes where the security token can be posted to. The scheme in the Uri part of this services SHOULD be https.
What is needed for OpenId?
If these two XRDS types are accepted what is the "policy"?