Yadis

From Wikipedia, the free encyclopedia

Yadis is a communications protocol for discovery of digital identity services such as OpenID, OAuth, and XDI. This allows digital identities to be composed from several different services, and lets Internet users define what information they expose to third parties.

Yadis enables traditional URLs (web site addresses) or newer XRI i-names to be used as identifiers for XRDS documents representing people and services. For example, a user called Matthew White might have his Yadis home page at <www.matthewwhite.net>, or perhaps <www.myinfoservice.com/matthewwhite>. Knowing Matthew's home page address, his friend would know where to go on the web to exchange information with him.

Modular architecture

Yadis follows the RESTful, "small pieces loosely joined" paradigm that has proven to be successful in the development of the web.

The basic assumption is that identities can be addressed with URLs or with other identifiers (such as XRI i-names) that can be resolved to URLs. Yadis then associates an XRDS document (an XML-based capability file) with each URL that expresses the associated capabilities or services.

The owner of a Yadis identifier can choose which identity services they wish to use in their XRDS document. Similarly, a relying party such as a website accepting Yadis identifiers can select an appropriate protocol to use for authentication. This can allow existing web sites, like blogs, to easily implement basic Yadis functionality (for instance, redirecting users who arrive at a blog to relevant information about the person the blog belongs to) while also making it possible to build more advanced applications (for example, allowing complex queries of a site-owner's information to be submitted directly to the Yadis site).

XRDS documents

The capability document associated with an identity URL is found either:

  1. By following a custom HTTP response header called X-XRDS-Location,
  2. By an equivalent entry in the HTML HEAD section, <meta http-equiv="X-XRDS-Location" content="http://example.com/yadis.xml">, or
  3. By requesting a special MIME type called application/xrds+xml when performing an HTTP GET on the identity URL.

Developers can choose which of the alternatives to implement, based on factors such as whether they can run software at the identity URL or not.

Here is an example XRDS capability document:

<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)"
xmlns:openid="http://openid.net/xmlns/1.0">
  <XRD>
    <Service priority="50">
      <Type>http://openid.net/signon/1.0</Type>
      <URI>http://www.myopenid.com/server</URI>
      <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
    </Service>
    <Service priority="10">
      <Type>http://openid.net/signon/1.0</Type>
      <URI>http://www.livejournal.com/openid/server.bml</URI>
      <openid:Delegate>http://www.livejournal.com/users/frank/</openid:Delegate>
    </Service>
    <Service priority="20">
      <Type>http://lid.netmesh.org/sso/2.0</Type>
      <URI>http://mylid.net/liddemouser</URI>
    </Service>
    <Service>
      <Type>http://lid.netmesh.org/sso/1.0</Type>
    </Service>
  </XRD>
</xrds:XRDS>

If this XRDS document were returned for a URL through one of the listed mechanisms, it would express the following information:

  • The URL is a Yadis identity URL.
  • This URL supports the OpenID protocol, through two servers and two delegates.
  • This URL supports version 1.0 and version 2.0 of the LID protocol, with a delegate.
  • The owner of this identity URL prefers to sign on using their LiveJournal account and the OpenID protocol (priority 10). If that is not possible (e.g. because a relying party does not support OpenID, or because the LiveJournal server is unavailable), the owner would like to use the LID URL http://mylid.net/liddemouser (priority 20), followed by the MyOpenID service (priority 50).
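
The relying party's side of this reading, as an added example that is not part of the original article or of any Yadis library: it parses the sample document with Python's standard library, keeps the services whose Type the relying party supports, and orders them by priority. Ranking a missing priority last, refusing DTDs, and accepting only http/https endpoints are assumptions of this example, and select_services is a hypothetical name.

```python
import math
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

XRD = "{xri://$xrd*($v*2.0)}"            # default namespace of the XRD elements
OPENID = "{http://openid.net/xmlns/1.0}"

# Constructed input: the capability document above, compacted, XML declaration dropped.
SAMPLE_XRDS = """<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)"
 xmlns:openid="http://openid.net/xmlns/1.0"><XRD>
<Service priority="50"><Type>http://openid.net/signon/1.0</Type>
 <URI>http://www.myopenid.com/server</URI>
 <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate></Service>
<Service priority="10"><Type>http://openid.net/signon/1.0</Type>
 <URI>http://www.livejournal.com/openid/server.bml</URI>
 <openid:Delegate>http://www.livejournal.com/users/frank/</openid:Delegate></Service>
<Service priority="20"><Type>http://lid.netmesh.org/sso/2.0</Type>
 <URI>http://mylid.net/liddemouser</URI></Service>
<Service><Type>http://lid.netmesh.org/sso/1.0</Type></Service>
</XRD></xrds:XRDS>"""

def select_services(xrds_text, supported_types):
    """Return (priority, type, uri, delegate) tuples the relying party can use,
    most preferred first."""
    # The document is fetched from a user-supplied URL, so it is untrusted input:
    # refuse DTDs and entity declarations, which discovery never needs.
    if "<!DOCTYPE" in xrds_text or "<!ENTITY" in xrds_text:
        raise ValueError("DTD not allowed in an XRDS document")
    usable = []
    for svc in ET.fromstring(xrds_text).iter(XRD + "Service"):
        types = {t.text.strip() for t in svc.findall(XRD + "Type") if t.text}
        match = sorted(types & set(supported_types))
        if not match:
            continue
        uri = (svc.findtext(XRD + "URI") or "").strip() or None
        # Only keep endpoints with a web scheme; skip anything else.
        if uri and urlparse(uri).scheme not in ("http", "https"):
            continue
        delegate = (svc.findtext(OPENID + "Delegate") or "").strip() or None
        # Assumption: a missing priority attribute ranks after every numbered one.
        prio = svc.get("priority")
        prio = int(prio) if prio and prio.isdigit() else math.inf
        usable.append((prio, match[0], uri, delegate))
    return sorted(usable, key=lambda s: s[0])

if __name__ == "__main__":
    for s in select_services(SAMPLE_XRDS, ["http://openid.net/signon/1.0"]):
        print(s)
```

A relying party that supports only LID 2.0 gets the mylid.net endpoint alone, which is the fallback case the last bullet describes.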

LID, OpenID and the developer community

Yadis was initiated by developers of the Light-Weight Identity (LID) and OpenID protocols. This collaboration was then joined by members of the OASIS XRI Technical Committee, particularly those working on i-names.

However, Yadis is an open initiative, so other developers will start using the XRDS lightweight capabilities description. This makes possible a "mix and match" approach to building Yadis-enabled applications, in which application developers choose their own balance between ease of implementation on one hand and range of features on the other.
