Use domain names as the canonical entity names about tent.io HOT 5 CLOSED

My impression was that the API/protocol is to be over Https, but the entity name need not be the tent server.

For example, my Tent identity could be http://alexw.co/ and with my Link: Http header I'd delegate one or more Tent server(s) to handle my identity. Link: https://tent.some-provider.tld/; rel="Tent". And it's this service that has the absolutly defined Uri paths and requirement of Https.

from tent.io.

Yes, you are right. My main point of concern here is the discoverability of Tent services, and how it's validated that a given Tent profile is 'allowed' to be used on an entity. That is, I can direct to any Tent server from my site. That means I can go ahead and say 'That is my tent server'. The opposite, however is not so trivial: the Tent profile also needs to have a way of saying 'yes, i am a valid tent for this site' so that I can't link to somebody else's Tent and cause havoc.

Therefore, the entity field has to be matched up with the origin of the Link: header. Protocol agnosticism (i.e. skipping the schema part) would help sites that use a HTTP/HTTPS dual-stack.

It boils down to the question whether the protocol is a part of the identity or merely a means of transport.

from tent.io.

You wouldn't go from talking to a Tent server to believing it's the authoritative server for an identity without checking the identity first.

You actually wouldn't be talking to a Tent server about an entity without first being directed there by the identity's Link: header or tag, because that's where you discover which server to attempt to use.

from tent.io.

@jonasschneider The entity identifier can be a HTTP or HTTPS URL including a path. We consider https://example.com and http://example.com to be completely different (different ports and protocols). Discovery handles validating that you are following who you think you are following:

1. My app tells my server to follow http://jonasschneider.com/foo
2. My server performs discovery on http://jonasschneider.com/foo and finds a Link header pointing to https://tent.jonasschneider.com/profile which serves up a profile that specifies an entity of http://jonasschneider.com.
3. Since they don't match, the server performs discovery on http://jonasschneider.com which also serves a Link header pointing to the same server, which confirms that the entity identifier is valid.
4. My server tells your server that it wants to follow you, and the same process is executed on your server to validate my entity identifier.

Thus, you can have as many URLs as you want pointing links at your Tent server, and you'll always end up communicating using your canonical Tent entity identifier.

Let me know if you have further questions.

from tent.io.

Awesome. That's just what I had in mind.

from tent.io.