Re: [xri] tag for local scope comment

[Peter Davis <peter.davis@neustar.biz>]

Yes, there would be a normative doc which defines the processing rules,
semantics, transforms, encodings, etc. that would be required to make the
identifier meaningful to applications.

So the Metadata spec would lay out the required items, such as those you
listed below, which have relevance to the new identifier type.

The SAML 2 profiles specification [1] first provides guidance on what is
required to define a new profile of SAML, and then uses that guideline to
define a number of initial profiles defined by the SSTC.

--- peterd

[1] http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf


On 9/12/2005 3:14 PM, "Schleiff, Marty" <marty.schleiff@boeing.com> wrote:

> I thik it's important for the "urn" in your "($x/urn)" example to be
> documented/defined in some standard specification (I'm not familiar with
> SSTC to know if that would suffice). I think that issues like the
> following need to be specified:
> 
>  - valid syntax
>  - matching/equivalence rules
>  - normalization guidelines (e.g., how should a distinguishedName be
> represented?)
>  - description of the inherent qualities of the following identifier
> (e.g., it contains a check digit, it has certain crypto properties that
> a consumer can exercise)
>  - Some identifiers (e.g., UUID pair) include their own notion of
> resolution, so a description of how to perform non-XRI resolution
>  - if the identifier is a one-time pseudonym (don't bother setting up a
> local profile because we'll never see this identifier again)
>  - other stuff? 
> 
> 
> Marty.Schleiff@boeing.com; CISSP
> Associate Technical Fellow - Cyber Identity Specialist
> Computing Security Infrastructure
> (425) 957-5667
> 
> -----Original Message-----
> From: Peter Davis [mailto:peter.davis@neustar.biz]
> Sent: Monday, September 12, 2005 11:21 AM
> To: Drummond Reed; xri@lists.oasis-open.org
> Subject: Re: [xri] tag for local scope comment
> 
> So, for me, it seems that there is a missing piece of the puzzle.
> 
> In HTML href's (for example) there is an implied URI scheme "HTTP", in
> XDI (presumably), the default URI scheme would be XRI.
> 
> So the context determines the identifier scheme.  Now on to the metadata
> of the xri...
> 
> While it may be tempting to create metadata tags for each and every
> explicit identifier type, it seems to me a more extensible solution (one
> which does not necessarily require rev's to the MD spec as new
> identifiers arise) would be to define a single MD tag ($x for example)
> whose value is the identifier type ($x/urn)/urn:example:identifier
> 
> Would this not fulfill those requirements?
> 
> Perhaps it makes sense for the MD spec to enumerate some of the
> identifiers, and borrow a page from the SSTC, who now accepts and
> publishes additional profiles (in our case, definitions) of the $x
> namespace.
> 
> --- peterd
> 
> 
> On 9/9/2005 2:59 AM, "Drummond Reed" <drummond.reed@cordance.net> wrote:
> 
>> Mike,
>> 
>> I got the answers today. I posted my much-improved understanding of
>> the requirements on the discussion section of the proposal page at:
>> 
>> 
>> http://wiki.oasis-open.org/xri/Xri2Cd02/MetaData/I2LocalScope#head-595
>> dc3b32
>> 7ad298d3c81b3cf36df38ec07ea7245
>> 
>> I hope this helps clarify the intent (it certainly did for me).
>> 
>> =Drummond
>> 
>> -----Original Message-----
>> From: Drummond Reed [mailto:drummond.reed@cordance.net]
>> Sent: Wednesday, September 07, 2005 10:35 AM
>> To: 'Lindelsee, Mike '; xri@lists.oasis-open.org
>> Subject: RE: [xri] tag for local scope comment
>> 
>> Mike,
>> 
>> Good point. In posting the writeup I was just trying to capture what
>> I'd understood about their need for a $tag for this particular
>> identifier type from members of the Core Identifier Workgroup
>> (http://www.opengroup.org/projects/coreid/).
>> 
>> I'll reflect your message back to them and see what they say.
>> 
>> =Drummond
>> 
>> 
>> -----Original Message-----
>> From: Lindelsee, Mike [mailto:mlindels@visa.com]
>> Sent: Tuesday, September 06, 2005 4:49 PM
>> To: xri@lists.oasis-open.org
>> Subject: [xri] tag for local scope comment
>> 
>> After looking over the proposal for this issue, I have a fundamental
>> question about this proposal.
>> 
>> The first sentence in the motivation section says that a tag is needed
> 
>> to "explicitly declare that a namespace is locally scoped and thus
>> must be placed in the context of an authority to be globally unique."
>> 
>> Isn't this just basic XRI syntax?  I.e.,
>> 
>>   xri://<authority-part>/<local-part>
>> 
>> By definition, the local-part can only be understood in the context of
> 
>> the authority-part. This already guarantees global uniqueness
>> (assuming an authority doesn't have multiple entries for the same
>> subsegment -- which is likely a good assumption).
>> 
>> The example given is that of a 7 digit employee number system.
>> Wouldn't the requirement be met just by using the following XRI?
>> 
>>   xri://@example.company/1234567
>> 
>> Or if a more hierarchical XRI were desired, something to the effect
> of:
>> 
>>   xri://@example.company/id/1234567
>> 
>> Mike
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe from this mail list, you must leave the OASIS TC that
>> generates this mail.  You may a link to this group and all your TCs in
> 
>> OASIS
>> at:
>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>> 
>> 
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe from this mail list, you must leave the OASIS TC that
>> generates this mail.  You may a link to this group and all your TCs in
> 
>> OASIS
>> at:
>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>> 
>> 
>> 
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe from this mail list, you must leave the OASIS TC that
>> generates this mail.  You may a link to this group and all your TCs in
> 
>> OASIS
>> at:
>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs in
> OASIS
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>