←Older revision | Newer revision→
Issue: What is Yadis?
I think the truth probably needs to be somewhere in the middle. If all we do is capability discovery, as some have asked: "so what, how does that really deliver any/much value?" On the other hand, I don't think we as a group currently have the knowledge or ambition to build a ubiquitous system of any kind, so we rather not overpromiseor overgeneralize. I'm in favor of:
"Yadis is a project, and a family of protocols that over time, will collect and standardize many digital identity-related protocol features that are REST-ful / use URL-based identifiers, as soon as there is agreement ... ". If there is no agreement, Yadis stays small; if there is lots of agreement, it will grow where people want it to grow (which, by definition, appears to be a good thing.)
For example, the i-names, OpenID and LID folks have been discussing converging on a single single-sign-on protocol. We should be able to have this discussion under the Yadis umbrella.
I don't know about anyone else, but I've already been thinking about other applications of Yadis beyond the basic "Shall I use OpenID or LID here?" question. Some may remember my proposal not long after OpenID 1.0 was finished for user-accompanied RPC, providing a standard encapsulation protocol for operations like having Flickr post pictures in my weblog automatically with my permission.
One thing it was missing was a good mechanism to find out what APIs were supported by a given endpoint. Yadis seems to fit the bill here, if you don't mind it being generalised to "What does this URL support?" rather than "What does this identity support?". The weblog itself would declare the capability of being able to be posted to, and so you'd just say to Flickr "Post in my weblog http://joe.bloghost.com/" and Flickr can figure out what to do from there by doing Yadis discovery on that URL.
If you make it too specific to people and identities then this won't be possible. I'm sure other people can think of other ideas you can build on top of "here is a list of things that this URL can do".
- Johannes Ernst: I would very much support this idea. Capability lookup has nothing to do with identity per se, other than that identity needs it. Let's not introduce a dependency where there is none.
Even aside from the technical concerns, lumping too many things under one term always causes confusion. If you want to use the word YADIS to describe a sign-on protocol, then let's call our capability discovery system something else. It's just asking for a name involving the word "disco". :)