Draft-001
Note: This page describes a draft set of changes to the Yadis spec. The changes proposed here have now been incorporated, either in whole or in part, into the main spec. This draft remains for historical reference only.
The goal of Draft 1 is to remove the OpenID- and LID-centric elements of the original Yadis proposal and work towards a generic layer of abstraction over existing identity-based capabilities.
Summary of Changes
- Both the page at the identity URL and the capability document can be just a static document on your website.
- The endpoints for the declared authentication services are configurable rather than assumed to be the same as the capability document.
- The trick of requesting with ?meta=identity as a hint to provide a capability document has been replaced with the use of the HTTP Accept header, which is less likely to conflict with existing applications at the identity URL and can be implemented using the content negotiation capabilities in Apache. The indirection through HTML is still provided for those who are unable to switch based on the Accept header.
- OpenID's delegation capability is not supported through Yadis. Yadis itself provides the same end result, so OpenID-specific support is unnecessary.
- The LID profile exchange feature is no longer part of the core spec. Profile exchange is just another capability, and since Yadis does not affect the underlying LID protocols, the usage of LID profile exchange is no longer included.
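The Accept-header switch from the list above, sketched as an added example (it is not part of the Yadis draft or of any Yadis implementation). The media type application/x-meta-identity is taken from the Formats chapter title in the outline; the function names and the rule that wildcard-only or missing Accept headers get the HTML page are assumptions.

```python
# Added example: choose between the HTML page and the capability document
# served at an identity URL, based on the request's Accept header.
CAPABILITY_TYPE = "application/x-meta-identity"  # from the draft's Formats chapter
HTML_TYPE = "text/html"


def parse_accept(header):
    """Return {media_type: q} for an Accept header; an unparsable q counts as 0."""
    prefs = {}
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        media = parts[0].lower()
        if not media:
            continue
        q = 1.0
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = max(0.0, min(1.0, float(value)))
                except ValueError:
                    q = 0.0
        prefs[media] = q
    return prefs


def choose_representation(accept_header):
    """Pick the representation and the response headers to send with it.

    Assumption: the capability document is served only when the client names
    its media type explicitly and prefers it at least as much as HTML, so
    browsers and wildcard-only clients keep getting the existing page.
    """
    prefs = parse_accept(accept_header or "")
    q_cap = prefs.get(CAPABILITY_TYPE, 0.0)
    q_html = prefs.get(HTML_TYPE, prefs.get("text/*", prefs.get("*/*", 0.0)))
    chosen = CAPABILITY_TYPE if q_cap > 0 and q_cap >= q_html else HTML_TYPE
    # Vary: Accept keeps a shared cache from handing the capability document
    # to a browser (or the HTML page to a consumer) for the same URL.
    return chosen, {"Content-Type": chosen, "Vary": "Accept"}
```

Because one URL now has two representations, the `Vary: Accept` header is the part most often forgotten when this is done with static files behind a cache.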
Editor's Notes
This draft does not change the currently-specified capability document format, and so the new Impact chapter uses the existing format in its examples. However, this proposal does not include any particular capability document format, as the choices are currently being discussed elsewhere.
Draft Specification
The chapters affected by this draft are shown in bold. Other chapters are unchanged.
- Background
- Goals
- Architectural Assumptions
  - Fully decentralized, and no one point of control
  - Let many (interoperable) flowers bloom
  - URLs as identifiers
  - REST-ful and easy to use for developers
- User Scenarios
  - Scenario: Authentication at website
- Yadis Protocol
  - Capability Discovery Protocol
  - Authentication
  - Profile data exchange
- Formats
  - application/x-meta-identity
- Impact on LID and OpenID
- Examples
  - Log on at an OpenID site (non-delegated case)
  - Log on at a LID site (non-delegated case)
- Terminology
  - Developer terminology
  - End-user terminology
- Possible Future Work
- For more information