Tuesday, December 30, 2008

Firefox XRD Extension II

I just uploaded a new version of the XRDS extension for Firefox and a version of the openinfocard extension that uses it.

When the extension xrds_pageinfo.xpi is installed then the openinfocard extension shows the list of cards that where used at this site. Hm, to be more precise: The list of Information Cards is shown of which a record of usage is stored in the cardstore. If you use the new "delete privacy data" feature of the openinfocard extension then no card usage is shown.

Also available in other languages than German.
have fun

Friday, December 05, 2008

Firefox XRD Extension

Even so progress is slow sometimes...
Sometimes things actually move forward.
Based on the discussion at IIW and the former posts I started to write an extension for Firefox that allows users to see the XRDS provided by a site.

I see this as a further step to get IDentity In the Browser. But not only "openid in the browser" but much more.
First let's see how this looks.


Even if you have this new "xrds_pageinfo.xpi" extension installed and visit a site that provides xrds then there is at first not much to see. The site's XRDS is not visible to the user. And that is good as it is. The normal user is not interested in some xml file. The services described in the file matter.

Well. All my new Firefox extension currently does for the user is to show just that xml. Click on the favicon of the site and you will see something like this:


But there is more to come and there is more under the hood. The extension implements a component in javascript that allows other extensions to access the discovered XRDS and add/remove handler for services defined in the XRDS.

The current interface definition for the component is:
[function, scriptable, uuid(13e630b8-3f41-456b-ae26-c30b201c8f99)]
interface IXrdsServiceHandler : nsISupports
        boolean handle(in nsIDOMElement service, in nsIDOMDocument doc);
[scriptable, uuid(DDD9BC02-D964-4bd5-B5BC-943E483C6C57)]
interface IXrdsComponent : nsISupports
  void addServiceHandler(in ACString xrdsServiceType, in IXrdsServiceHandler aXrdsServiceHandler);
  void removeServiceHandler(in ACString xrdsServiceType, in IXrdsServiceHandler aXrdsServiceHandler);
  IXrdsServiceHandler iterator(in ACString xrdsServiceType);
  long getHandlerCount(in ACString xrdsServiceType);
  IXrdsServiceHandler getHandlerByIndex(in ACString xrdsServiceType, in long index);

  void addXrdsForSite(in ACString site, in AUTF8String xrds);
  AUTF8String getXrdsForSite(in ACString site);

This interface definition will change. But after I have integrated this into the openinfocard identity selector and after feedback from the other XRD-enthusiasts and perhaps integration into "openid in the browser" I expect something stable no so far away.

What next?
  • provide some useful GUI
    • it should be possible to click on a button and this will retrieve the privacy policy of the relying party or openid consumer if that service is defined by the XRDS.
    • click and the Information Card selector starts and your chosen claims will be send to the RP.
    • click and your openid attributes are retrieved and provided (without stealable credentials being involved).
    • click and the browser opens the page where you can edit your data.
    • click and the browser opens the page that lets you terminate the relation to this site.
    • click and you can present your voucher.
    • click and you are a new customer with verified claims.
  • integrate with openinfocard id selector
  • integrate with IDIB
  • standardize all this
    • standardize service types
    • standardize this usage of XRDS for relying parties, openid consumers, webshops, whatever
    • There are many open questions. Implementing this and defining service types etc is fruitless if there is no (industry) standard.

I hope that I can work in the OASIS TC(s) relevant to this. Currently it looks like joining is next to impossible. I spare you the details.

I would like to end with something positive... So please find the Firefox extension here. Please send suggestions to
Happy Xrd-ing. -Axel

Tuesday, December 02, 2008

Pamela Dingle Speaks

Join veteran Experts Conference speaker Pam Dingle as she shares tips and tricks on how to achieve 'enlightened bottom-up' Identity Management. Pam believes that, as long as you start with a few simple overarching strategic principles, identity management can be 90% tactical. Pamela will use her professional IdM experience to show how the right selection of point solutions in the enterprise can make a world of difference, providing strategic agility to the business while pre-emptively reducing complexity for the future. Look for ILM, Federation and CardSpace to be key technology players in this talk, complete with real-life examples that tie it all together.

The Experts Conference, March 22-25, 2009 in Las Vegas, NV presents her talk "The Survivalists Guide to Identity Management".