
shibboleth-dev - Re: [Shib-Dev] [IdPv3] Clustering & Data Storage

Subject: Shibboleth Developers

  • From: Michael Schwartz <>
  • To:
  • Cc: Drummond Reed <>
  • Subject: Re: [Shib-Dev] [IdPv3] Clustering & Data Storage
  • Date: Wed, 2 Mar 2011 09:17:31 -0600 (Central Standard Time)


The benefits are simple: XRI provides a registered namespace like DNS.

DNS is very limited. It works great for looking up IP addresses, but it's not really good for much else.

Like DNS, with XRI, organizations control their own namespace. So when I registered
@gluu, my organization's i-number is: @!DA85!5F98!95A1!CA3B

I can extend this namespace as I see fit, for example:
@gluu*mike = @!DA85!5F98!95A1!CA3B!ABCD

A better naming system would have myriad uses. How can two people exchange data? How can you look up organizational data? How can you reference global groups? It would also provide an easy solution for SP-initiated authentication (right now you can't do a lookup on a person, so we are thinking of all the crazy work-arounds). Really, the benefits of being able to globally name things are too numerous to list.

The Internet architects created an Internet-scale naming system to replace the hosts file, but they didn't see the need to create an Internet-scale /etc/passwd file. XRI answers this finally.

- Mike



--------------------------------------------------------------------------------------

Michael Schwartz
Gluu
Founder, CEO

https://www.gluu.org
+1 646-810-8761



On Wed, 2 Mar 2011, Chad La Joie wrote:

Yes, you've brought up XRI numerous times. To date I don't see any
benefits and no one has ever provided a list. In addition, the use of
XRIs would require all existing persistent identifiers to be
re-issued which is a pretty steep cost.

That said, there is certainly nothing that would prevent someone from
creating a plugin that used them,

On Wed, Mar 2, 2011 at 15:34, Michael Schwartz <> wrote:

Persistent ID Mapping
This data maps a persistent ID to an internal user identifier (e.g.,
an LDAP UID).  The way that this data is currently constructed
requires it to be replicated.  Alternative means of generating this
value (e.g., something akin to the old crypto handle) could remove
this requirement and I think I'll investigate supporting such a
mechanism for v3.  If this data is lost all user settings associated
with those IDs are lost and that would be bad.


I'd like to suggest XRI identifiers here. A consistent naming design across
institutions could greatly enhance the opportunities for federation.

 http://www.xdi.org

 http://en.wikipedia.org/wiki/Extensible_Resource_Identifier


- Mike


--------------------------------------------------------------------------------------

Michael Schwartz
Gluu
Founder, CEO

https://www.gluu.org
+1 646-810-8761







--
Chad La Joie
www.itumi.biz
trusted identities, delivered
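
The quoted "Persistent ID Mapping" note says that generating the value by alternative means could remove the need to replicate the mapping across cluster nodes. The sketch below is an added example, not code from this thread or from Shibboleth: it derives the ID with a keyed MAC over the SP and user, so any node holding the same secret computes the same value without a shared store. The function names, the secret, the SP entity ID and the uid list are all constructed for illustration, and the reverse lookup shown is a directory scan, not the reversible "crypto handle" the note alludes to.

```python
import base64
import hashlib
import hmac

# Constructed sample values; a real deployment would load the secret from
# protected configuration shared by every node in the cluster.
CLUSTER_SECRET = b"constructed-demo-secret-not-for-production"
DIRECTORY_UIDS = ["alice", "bob", "carol"]  # stands in for an LDAP search


def _field(value: str) -> bytes:
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    raw = value.encode("utf-8")
    return len(raw).to_bytes(4, "big") + raw


def compute_persistent_id(secret: bytes, sp_entity_id: str, uid: str) -> str:
    """Derive the ID from (SP, user); nothing is written to a data store."""
    mac = hmac.new(secret, _field(sp_entity_id) + _field(uid), hashlib.sha256)
    return base64.urlsafe_b64encode(mac.digest()).rstrip(b"=").decode("ascii")


def resolve_persistent_id(secret, sp_entity_id, persistent_id, candidate_uids):
    """Map an ID back to a uid by recomputation over directory entries.

    The MAC is one-way, so the reverse lookup costs a directory scan.
    Returns None when no candidate matches (unknown or forged ID).
    """
    for uid in candidate_uids:
        expected = compute_persistent_id(secret, sp_entity_id, uid)
        if hmac.compare_digest(expected, persistent_id):
            return uid
    return None


if __name__ == "__main__":
    sp = "https://sp.example.org/shibboleth"  # constructed entity ID
    pid = compute_persistent_id(CLUSTER_SECRET, sp, "alice")
    print(pid, resolve_persistent_id(CLUSTER_SECRET, sp, pid, DIRECTORY_UIDS))
```

Because the ID depends on the secret, losing or rotating that secret changes every ID, which has the same effect on SP-side user settings as losing the stored mapping.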


