Skip to main content
Jump to: navigation, search

Difference between revisions of "ContextId"

(tweaks to OpenID section)
(+ Context Discovery section)
Line 6: Line 6:
 
A '''ContextId''' is a URI or XRI that identifies one [[Context]].
 
A '''ContextId''' is a URI or XRI that identifies one [[Context]].
 
* A [[ContextId]] MUST conform to the ABNF defined below.
 
* A [[ContextId]] MUST conform to the ABNF defined below.
* [[ContextId]]s either directly or indirectly (e.g. by resolution) provide sufficient information to both identify and open a [[Context]]. See [[Context Discovery]].
+
* A [[ContextId]] must directly or indirectly (e.g. by resolution) provide sufficient information to both identify and open a [[Context]]. See the ''Context Discovery with a ContextId'' heading below.
 
* Two different [[ContextId]]s may refer to the same [[Context]].
 
* Two different [[ContextId]]s may refer to the same [[Context]].
* If two [[ContextId]]s are equal, they refer to the same underlying [[Context]] dataset, although not necessarily the same [[Context]] "container" instance. This means a different [[Digital Identity]], based on the authorization passed in during authentication, may see different subsets of the [[Context]]. A given [[ContextId]] may be used against multiple [[Context Provider]]s to produce the same [[Context]] (although, as mentioned, different [[Context]] instances).
+
* If two [[ContextId]]s are equal, they refer to the same underlying [[Context]] dataset, although not necessarily the same [[Context]] "container" instance. This means that, as a requester of information, different [[Digital Identity|Digital Identities]] may see different subsets of the [[Context]] based on the authorization passed in during authentication. A given [[ContextId]] may be used against multiple [[Context Provider]]s to produce the same [[Context]] (although, as mentioned, different [[Context]] instances).
 
* The [[Identity Attribute Service (IdAS)]] can be used as a service to access a [[Context]] given a [[ContextId]]
 
* The [[Identity Attribute Service (IdAS)]] can be used as a service to access a [[Context]] given a [[ContextId]]
  
 
== Syntax ==
 
== Syntax ==
This [http://en.wikipedia.org/wiki/Augmented_Backus-Naur_form ABNF] defines a Higgins [[ContextId]]. Rules not defined in this ABNF are defined in the [http://wiki.oasis-open.org/xri/XriCd02/Xri2dot0Abnf ABNF for XRI 2.0] (which includes the IRI ABNF from [http://www.ietf.org/rfc/rfc3987.txt RFC 3987]).
+
The following [http://en.wikipedia.org/wiki/Augmented_Backus-Naur_form ABNF] defines a Higgins [[ContextId]]. Rules not defined in this ABNF are defined in the [http://wiki.oasis-open.org/xri/XriCd02/Xri2dot0Abnf ABNF for XRI 2.0] (which includes the IRI ABNF from [http://www.ietf.org/rfc/rfc3987.txt RFC 3987]).
  
 
  contextId          = contextURI / contextXRI
 
  contextId          = contextURI / contextXRI
Line 24: Line 24:
 
  contextXRI        = [ "xri://" ] contextQXRI /                                                  ;see note 2
 
  contextXRI        = [ "xri://" ] contextQXRI /                                                  ;see note 2
 
                       contextHXRI                                                                ;see note 3
 
                       contextHXRI                                                                ;see note 3
  contextQXRI        = xri-authority ( "/($context) [ "*" / "!" ] / "/$context" ) [ xri-segment ] ;see note 4
+
  contextQXRI        = xri-authority [ "/($context) [ "*" / "!" ] / "/$context" ) [ xri-segment ] ] ;see note 4
 
  contextHXRI        = proxy-resolver "/" contextQXRI
 
  contextHXRI        = proxy-resolver "/" contextQXRI
 
  proxy-resolver    = ( "http://" / "https://" ) proxy-reg-name
 
  proxy-resolver    = ( "http://" / "https://" ) proxy-reg-name
Line 31: Line 31:
 
Notes:
 
Notes:
  
# These are the first two file types are designed expressly for discovery and description of resources using HTTP(S) URIs and/or XRIs. XRDS format is defined by [http://www.oasis-open.org/committees/download.php/24286/xri-resolution-v2.0-wd-11-ed-02.doc XRI Resolution Working 2.0]. XDI format is being defined by the OASIS XDI Technical Committee. Future file types can be supported by extending this ABNF rule.
+
# ".xrds" and ".xdi" are formats designed expressly for discovery and description of resources using HTTP(S) URIs and/or XRIs. XRDS format is defined by [http://www.oasis-open.org/committees/download.php/24286/xri-resolution-v2.0-wd-11-ed-02.doc XRI Resolution Working 2.0]. XDI format is being defined by the [http://www.oasis-open.org/committees/xdi OASIS XDI Technical Committee]. Other resource description file types can be supported by extending this ABNF rule.
# QXRI (Query XRI) is an XRI in URI-normal form without the "xri://" prefix. See [http://www.oasis-open.org/committees/download.php/24286/xri-resolution-v2.0-wd-11-ed-02.doc XRI Resolution 2.0].
+
# QXRI (Query XRI) is an XRI in URI-normal form without the "xri://" prefix. See [http://docs.oasis-open.org/xri/2.0/specs/cd02/xri-resolution-V2.0-cd-02.pdf XRI Resolution 2.0].
# HXRI (HTTP(S) XRI) is the format for encapsulating an XRI within an HTTP(S) URI for purposes of resolution by an XRI proxy resolver. See section 8 of [http://www.oasis-open.org/committees/download.php/24286/xri-resolution-v2.0-wd-11-ed-02.doc XRI Resolution 2.0].
+
# HXRI (HTTP(S) XRI) is the format for encapsulating an XRI within an HTTP(S) URI for purposes of resolution by an XRI proxy resolver. See section 6 of [XRI Resolution 2.0 Committee Draft 02 XRI Resolution 2.0].
 
# The two different forms of QXRI path shown here -- '''/($context)''' and '''/$context''' -- are to accommodate both [http://wiki.oasis-open.org/xri/XriCd02/Xri2dot0Abnf XRI 2.0 syntax] and the [http://wiki.oasis-open.org/xri/XriThree/SyntaxAbnf simplified syntax proposed for XRI 3.0].
 
# The two different forms of QXRI path shown here -- '''/($context)''' and '''/$context''' -- are to accommodate both [http://wiki.oasis-open.org/xri/XriCd02/Xri2dot0Abnf XRI 2.0 syntax] and the [http://wiki.oasis-open.org/xri/XriThree/SyntaxAbnf simplified syntax proposed for XRI 3.0].
  
Line 72: Line 72:
 
  http://xri.example.com/@example/$context$openid
 
  http://xri.example.com/@example/$context$openid
 
  https://xri.example.org/@1000.a1b2.c3d4.9999/$context$ldap
 
  https://xri.example.org/@1000.a1b2.c3d4.9999/$context$ldap
 +
 +
== Context Discovery using a ContextId ==
 +
A key property of a [[ContextId]] is that it can be resolved into the metadata necessary open a [[Context]]. Following are the discovery rules for each form of ContextId.
 +
 +
=== ContextURI Discovery ===
 +
Note that since URIs do not share the same structured identifier characteristics as XRIs, they must resolve directly to an XRDS or XDI document containing the necessary Higgins context configuration metadata as described in this section.
 +
 +
==== ContextfileURI ====
 +
# Open the identified file.
 +
# For an XRDS file, select the highest priority service endpoint that conforms to the [[Higgins XRDS Service Endpoint]] requirements.
 +
# For an XDI X3 file, parse the Higgins context configuration metadata from the X3 document as described in [[Higgins XDI Context Reference]].
 +
 +
==== ContexthttpURI ====
 +
# Resolve the URI to a discovery document as specified in Section 6 of [http://docs.oasis-open.org/xri/2.0/specs/cd02/xri-resolution-V2.0-cd-02.pdf XRI Resolution 2.0] using EITHER OR BOTH of the following MIME types (depending on the client's preferred format and the server's available options):
 +
## '''application/xrds+xml''' for an XRDS document.
 +
## '''text/x3''' for an XDI X3 document.
 +
# If the MIME type of the discovery document is '''application/xrds+xml''', select the highest priority service endpoint that conforms to the [[Higgins XRDS Service Endpoint]] requirements.
 +
# If the MIME type is '''text/x3''', parse the Higgins context configuration metadata from the X3 document as described in [[Higgins XDI Context Reference]].
 +
 +
=== ContextXRI Discovery ===
 +
 +
==== Using XRDS ====
 +
# Resolve the authority component of the XRI as specified in [http://docs.oasis-open.org/xri/2.0/specs/cd02/xri-resolution-V2.0-cd-02.pdf XRI Resolution 2.0]. Trusted resolution is RECOMMENDED.
 +
# From this XRDS document, select the Higgins service endpoint as defined in Section 13 of [http://docs.oasis-open.org/xri/2.0/specs/cd02/xri-resolution-V2.0-cd-02.pdf XRI Resolution 2.0]. Note that this provides multiple options for ContextXRI authors to control service endpoint selection. Using the path component of the XRI to match a [[Higgins XRDS Service Endpoint]] is RECOMMENDED.
 +
# Parse the Higgins context metadata as defined in [[Higgins XRDS Service Endpoint]].
 +
 +
==== Using XDI ====
 +
# Resolution of the authority component of the XRI may use either XRDS resolution or XDI context discovery.
 +
## For XRDS resolution, follow the same steps as described above, except that in the final XRDS document, the highest priority SEP of type '''xri://$xdi''' MUST be selected, and an XDI X3 document MUST be requested from that service endpoint URI.
 +
## For XDI context discovery, resolve the authority component of the XRI as specified in the XDI Contexts section of [http://wiki.oasis-open.org/xdi/XdiRdfModel XDI RDF Model]] document.
 +
# In both cases, from the final XDI document, parse the XDI context description as defined in [[Higgins XDI Context Reference]].
 +
  
 
== Relationship to OpenID ==
 
== Relationship to OpenID ==
''<to be written> rough notes:''
+
Note that any ContextURI may be an OpenID identifier as defined by [http://openid.net/specs/openid-authentication-2_0.html OpenID Authentication 2.0].
* A [[ContextId]] MAY be based on an OpenID identifier (URL or XRI) as specified in [http://openid.net/specs/openid-authentication-2_0.html OpenID Authentication 2.0] with the requirement that this URL or XRI MUST explicitly or implicitly specify a [[Higgins XRDS Service Endpoint]] path name.
+
* This pathname may be explicit (e.g. appending an OpenID with "/$context$ldap")
+
* If this SEP path is missing then it is assumed to be "/$context$xdi" (or "/($context)*($xdi)" in XRI 2.0 syntax).
+
 
* ''Give examples of OpenID-based ContextIds here...''
 
* ''Give examples of OpenID-based ContextIds here...''
  

Revision as of 23:23, 27 January 2008

Introduction

This page describes and defines a Higgins ContextId. See also: Context Discovery and Context Discovery Components.

Definition

A ContextId is a URI or XRI that identifies one Context.

  • A ContextId MUST conform to the ABNF defined below.
  • A ContextId must directly or indirectly (e.g. by resolution) provide sufficient information to both identify and open a Context. See the Context Discovery with a ContextId heading below.
  • Two different ContextIds may refer to the same Context.
  • If two ContextIds are equal, they refer to the same underlying Context dataset, although not necessarily the same Context "container" instance. This means that, as a requester of information, different Digital Identities may see different subsets of the Context based on the authorization passed in during authentication. A given ContextId may be used against multiple Context Providers to produce the same Context (although, as mentioned, different Context instances).
  • The Identity Attribute Service (IdAS) can be used as a service to access a Context given a ContextId

Syntax

The following ABNF defines a Higgins ContextId. Rules not defined in this ABNF are defined in the ABNF for XRI 2.0 (which includes the IRI ABNF from RFC 3987).

contextId          = contextURI / contextXRI

contextURI         = contextfileURI / contexthttpURI
contextfileURI     = [ "file://" ] ipath-abempty descriptor-ext
descriptor-ext     = ".xrds" / ".xdi"                                                            ;see note 1
contexthttpURI     = ( "http://" / "https://" ) iauthority
                     ipath-abempty [ descriptor-ext ] [ "?" iquery ]

contextXRI         = [ "xri://" ] contextQXRI /                                                  ;see note 2
                     contextHXRI                                                                 ;see note 3
contextQXRI        = xri-authority [ "/($context) [ "*" / "!" ] / "/$context" ) [ xri-segment ] ] ;see note 4
contextHXRI        = proxy-resolver "/" contextQXRI
proxy-resolver     = ( "http://" / "https://" ) proxy-reg-name
proxy-reg-name     = "xri." ireg-name

Notes:

  1. ".xrds" and ".xdi" are formats designed expressly for discovery and description of resources using HTTP(S) URIs and/or XRIs. XRDS format is defined by XRI Resolution Working 2.0. XDI format is being defined by the OASIS XDI Technical Committee. Other resource description file types can be supported by extending this ABNF rule.
  2. QXRI (Query XRI) is an XRI in URI-normal form without the "xri://" prefix. See XRI Resolution 2.0.
  3. HXRI (HTTP(S) XRI) is the format for encapsulating an XRI within an HTTP(S) URI for purposes of resolution by an XRI proxy resolver. See section 6 of [XRI Resolution 2.0 Committee Draft 02 XRI Resolution 2.0].
  4. The two different forms of QXRI path shown here -- /($context) and /$context -- are to accommodate both XRI 2.0 syntax and the simplified syntax proposed for XRI 3.0.

Examples

ContextURI

A ContextId in ContextURI form can be either a file or HTTP(S) URI. In either case it must end with either ".xrds" or ".xdi".

file://system/config/higgins.xrds
file://system/config/higgins.xdi
http://example.com/higgins/ldap.xrds
https://example.com/higgins/ldap.xdi

ContextQXRI

A ContextQXRI (Query XRI) is a pure XRI in XRI-normal form that does not include the "xri://" prefix.

=drummond/
=drummond/$context$openid
=drummond/$context$ldap
=!F83.62B1.44F.2813/
=!F83.62B1.44F.2813/$context$openid
=!F83.62B1.44F.2813/$context+$ldap
=drummond*mom/
=drummond*mom/$context$openid
=drummond*mom/$context$ldap
@example/
@example/$context$openid
@example/$context$ldap
@free*example/
@free*example/$context$openid
@free*example/$context$ldap

ContextHXRI

A contextHXRI is a ContextQXRI that uses an HXRI proxy resolver prefix. "xri.net" is a public HXRI proxy resolver operated by XDI.org. All others are examples.

http://xri.net/=drummond/
https://xri.net/=drummond/$context$openid
http://xri.example.com/@example/$context$openid
https://xri.example.org/@1000.a1b2.c3d4.9999/$context$ldap

Context Discovery using a ContextId

A key property of a ContextId is that it can be resolved into the metadata necessary open a Context. Following are the discovery rules for each form of ContextId.

ContextURI Discovery

Note that since URIs do not share the same structured identifier characteristics as XRIs, they must resolve directly to an XRDS or XDI document containing the necessary Higgins context configuration metadata as described in this section.

ContextfileURI

  1. Open the identified file.
  2. For an XRDS file, select the highest priority service endpoint that conforms to the Higgins XRDS Service Endpoint requirements.
  3. For an XDI X3 file, parse the Higgins context configuration metadata from the X3 document as described in Higgins XDI Context Reference.

ContexthttpURI

  1. Resolve the URI to a discovery document as specified in Section 6 of XRI Resolution 2.0 using EITHER OR BOTH of the following MIME types (depending on the client's preferred format and the server's available options):
    1. application/xrds+xml for an XRDS document.
    2. text/x3 for an XDI X3 document.
  2. If the MIME type of the discovery document is application/xrds+xml, select the highest priority service endpoint that conforms to the Higgins XRDS Service Endpoint requirements.
  3. If the MIME type is text/x3, parse the Higgins context configuration metadata from the X3 document as described in Higgins XDI Context Reference.

ContextXRI Discovery

Using XRDS

  1. Resolve the authority component of the XRI as specified in XRI Resolution 2.0. Trusted resolution is RECOMMENDED.
  2. From this XRDS document, select the Higgins service endpoint as defined in Section 13 of XRI Resolution 2.0. Note that this provides multiple options for ContextXRI authors to control service endpoint selection. Using the path component of the XRI to match a Higgins XRDS Service Endpoint is RECOMMENDED.
  3. Parse the Higgins context metadata as defined in Higgins XRDS Service Endpoint.

Using XDI

  1. Resolution of the authority component of the XRI may use either XRDS resolution or XDI context discovery.
    1. For XRDS resolution, follow the same steps as described above, except that in the final XRDS document, the highest priority SEP of type xri://$xdi MUST be selected, and an XDI X3 document MUST be requested from that service endpoint URI.
    2. For XDI context discovery, resolve the authority component of the XRI as specified in the XDI Contexts section of XDI RDF Model] document.
  2. In both cases, from the final XDI document, parse the XDI context description as defined in Higgins XDI Context Reference.


Relationship to OpenID

Note that any ContextURI may be an OpenID identifier as defined by OpenID Authentication 2.0.

  • Give examples of OpenID-based ContextIds here...

Open Issues

  1. Should the contextId ABNF support IRI (Internationalized Resource Identifiers) and not just URIs? Note that the ABNF above uses IRI rules; this needs to be changed if only URIs will be supported.

See Also

Links

Back to the top