XDI What is it? What is it good for? (4K)
Session Topic: Why XDI is Needed? (T4K)
Convener: Mike Schwartz
Notes-taker(s): Mike Schwartz
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Why XDI is needed?
It is too hard to secure data against use by the wrong people, and to share data with the right people.
It is too hard to use the Internet to make sense of data.
What new services would be possible if we had a secure, scalable framework for data sharing?
Security must also be portable / interoperable
XRI 3.0
- Extensible Resource Identifier
XDI 1.0
- XRI Data Interchange
- Standard for connecting XRIs into meaningful graphs
XRI Summary:
- Abstract identifier (not tied to network which is constantly changing)
- Persistent identifiers issued by global registry under the management of non-profit: XDI.org
Example of XRI cross reference to URI: (http://www.gluu.org)
XDI Summary:
- Graph data structure based on
- Subject / Predicate / Object semantics:
Example: =schwartz/+age/(data:,41)
OpenXDI project: implementation of XDI 1.0 draft:
oxJava, oxRuby, oxJS : Native implementations of XDI standard
oxServer : J2EE server implementation: persistence (LDAP), messaging,
oxGraph : Visual tool for viewing, validating, and converting XDI
oxAuth : OAuth 2.0 Authorization Server using XDI graphs to persist tokens
oxTrust: UI for organizational IDP and trust network management
oxModel: REST interfaces to make it easier for app developers to build XDI enabled applications
Why XDI is a critical innovation:
1. To control data we need to be able to name it
2. Once we can name it, we need to be able to make sense of it
3. Once we can make sense of it, we need to be able to control access to
4. Level playing field / inter-operability
5. New service possibilities ! ! !