[mdx] GH issue 2: Capability discovery
Ian Young
ian at iay.org.uk
Fri Nov 29 08:35:31 PST 2013
On 29 Nov 2013, at 16:15, Leif Johansson <leifj at sunet.se> wrote:
>> * Under what circumstances would one be setting up a client where there was doubt as to whether the responder supported some facility that the client required?
> a centralized "discojuice"-like service is one example but anytime you have a management-interface for adding (say) a new mdx endpoints its useful to be able to tell the user what that endpoint supports
>> * Possibly more interestingly, given a way to discover the capability or lack of it, what would the client in this use case do next?
> at the very least help with diagnostics!
OK, so no proposal for any kind of automated fallback, basically error handling if you're using advanced capabilities.
>> * It requires TLS, whereas that is optional for us
> We can always profile webfinger for our purpose but this issue is fundamentally about operations and not about implementation so I don't think this is an argument
Sorry, I don't understand what you're saying there about "operations". Can you rephrase?
>> * It works from well-known URLs at the root of the virtual host, whereas our base URL allows for multiple responders per virtual host
> WebFinger uses the resource argument to handle virtual hosts so thats also not an argument against webfinger.
My point is that the place you make WebFinger requests is at a location which may be outside the md-query responder's base URL. This has implications for implementations: for example, you couldn't package the capability responder in the same web application context as the rest of the code, and the same webfinger responder would have to be able to handle capability discovery for all of the query responder contexts on that virtual host.
Unless I've misunderstood the webfinger spec, that's pretty much a deal breaker for me.
>> * It's really aimed at acquiring information about things *other* than the responder, such as IdP discovery
> It can be used for anything related to a URI.
It would be helpful if you could give us an example of the URI you think would be used with webfinger to implement capability discovery, and the corresponding response you'd like to see.
-- Ian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.iay.org.uk/pipermail/mdx-iay.org.uk/attachments/20131129/ad6f6e0d/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5943 bytes
Desc: not available
URL: <http://lists.iay.org.uk/pipermail/mdx-iay.org.uk/attachments/20131129/ad6f6e0d/attachment.bin>
More information about the mdx
mailing list