What should OpenID endpoint URL have in its content?

| コメント(2) | トラックバック(0)

I'm looking to implementing a few of various aspects of "Open - Distributed - Social" thingy recently.  The primary interest right now is to leverage OpenID endpoint URL more, because that's the URL accepted, for example, when a commenter tries to comment on my Movable Type powered blog.

For example, Vox and LiveJournal specify the blog's main index page as the OpenID endpoint for the blog's owner.  Both Vox and LiveJournal have other information in the main index page, such as link to FOAF and Atom feed.  Net::OpenID leverages the fact and retrieve FOAF and/or Atom feed to annotate OpenID with those semantic information.

Things are a bit different in the current addition of OpenIDs.  AOL, Yahoo, livedoor, and Hatena, have the dedicated page to their users' OpenID endpoint.  Those pages does not have much information except explaining that they are OpenID endpoint.  Yes, nothing is wrong with that, of course.

WordPress has a cool plugin called hAvatar.  Basically the plugin accepts commenter's URL either from what is manually entered, or from OpenID the commenter has signed in.  It retrieves the resource from the URL and search for hCard, to grab the photo of the person (== commenter), and load the photo as the commenter's userpic.  Neat.

I am trying to implement the same function in Movable Type.  The implementation is easy thanks to HTML::TreeBuilder::XPath.  However the problem is that not too many OpenID endpoints actually has hCard.  Among the four I listed above, Hatena's page is the only page which has some information ( username and userpic ).  Hatena's, however, is not marked as hCard.

Now I'm wondering, if the idea of hAvatar is really valid in practice.  Should OpenID endpoint have more information about who the OpenID actually is, when it is simply retrieved via HTTP GET?  Or, in more REST-y sense, what resource should OpenID URL represent?  And how?


トラックバックURL: http://www.luckypines.com/cgi-bin/mt/bt-tm.cgi/906


There were a couple sessions about just that at both the OpenID Dev Camp and the Social Graph Foo Camp, but I missed them. Seems to me that the OpenID should be the profile page, unless there's a more compelling “this person’s page” to use instead (but then the machine-readable profile should still be there). Having a “this is an OpenID!” page is just useless—it *is* a URL and people *are* going to go to it.

I would say such a machine-readable profile should have:

* hCard with avatar
* OpenID authentication
* Yadis service discovery for OpenID 2, OAuth, etc

I completely agree. Not the blog's main index, not the "This is OpenID URL, you are not supposed to be here" page, but more like the profile page. After all, the url represents identifier, of myself.



このページは、Fumiaki Yoshimatsuが2008年2月 7日 12:30に書いたブログ記事です。

ひとつ前のブログ記事は「YouTubeの共有機能でMovable Typeへ投稿するには」です。

次のブログ記事は「OAuthは"OH AUTH"だよ」です。