[mdx] Metadata Retrieval Protocol, WD03
Leif Johansson
leifj at mnt.se
Tue May 25 14:35:54 PDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/15/2010 09:50 PM, Chad La Joie wrote:
> After a long hiatus, I'm back to working on this stuff. Attached is
> draft 3 of the metadata retrieval protocol. The most significant change
> is in the layout.
>
> The actual content changes include:
> - Explicit statement of HTTP status codes used by the service
> - Explicit requirement to support md5 and sha1 hashing mechanisms as
> identifier transformations
I started in on an implementation a couple of days ago and came up with
two things I'm missing from this:
1. Multiple collection identifiers/tags. I think we will need to be able
to express "InC+Silver" or "SWAMID+testing" or "haka+production+
dreamspark" and both for collections and for individual entities...
For instance federation operators will need to allow IdPs to opt-in to
certain metadata-feeds - for instance when IdPs are required to fulfill
extra requirements to play well with the SP.
I think we could do this by using the del.icio.us URL pattern
<base_url>/entity-collection/{id1}+{id2}+...
and even
<base_url>/entity/{id1}+{id2}+...
In fact by treating the entityID as another "tag" the two URL patterns
coincide and the only thing the consumer needs to do is to be able to
handle multiple entities or empty results for all queries.
<base_url>/entities/{id1}+{id2}+...
and {id*} can be an entityID, an transformed entityID, a collections
identifier or a "tag" and the semantics is that all have to match (AND)
So we would wind up with a single URL pattern again...
2. We might want to have a way to specify the signer. Lets say my
MDX can handle multiple key-pairs each identified by an alias. We
could stick this in the base_url so it doesn't really change anything
but it might be good to spell this out in the spec...
<base_url>/{signer}/... something...
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkv8QroACgkQ8Jx8FtbMZneAWQCdEtgqCPXTXxkR1mL+AmzYXJb5
UQ0AoIe1Z4dgVPys+hAx0FtY5Z2xNb0b
=sLLI
-----END PGP SIGNATURE-----
More information about the mdx
mailing list