libravatar-fans team mailing list archive

Thread
Date

Re: e.g. ".well-known/avatars" as an alternative/addition to DNS SRV for federated libravatars?

To: libravatar-fans@xxxxxxxxxxxxxxxxxxx
From: "Aslak Raanes" <aslakr@xxxxxxx>
Date: Tue, 13 Nov 2018 02:09:04 +0100
In-reply-to: <A3985679-F6B5-4BA8-AC8F-FA91DA7D27A6@ntnu.no>

(I'm sorry that I didn't have time to attend the IRC meeting)

On 10 Nov 2018, at 13:41, Aslak Raanes wrote:

> Looking at [WebFinger] and its [avatar link rel] I was wondering if one could use a `.well-known/avatars` or something similar as an alternative/addition to DNS SRV records federated avatars server?

Just to clarify, I was thinking this might be a solution for libravatar/avatars servers that can't or won't modify their DNS (and maybe libravatar clients that can't do DNS SRV lookups).

Given an adress `George@xxxxxxxxxxx` a client would:

    > GET /.well-known/avatars-server HTTP/1.1
    > Host: example.com
    >
    < HTTP/1.1 200 OK
    < Content-Type: text/plain
    <
    avatars.example.com

implying that avatars can be found at `https://avatars.example.com/avatar/` (only https?)

Given that there are som some gravatar-ish implementations like [Confluence Avatar Server] that use a rather different path, i.e. something like `https://confluence.example.com/rest/cas/1.0/avatar/server/` it seems, should it be possible to return full URI? Something like:

    > GET /.well-known/avatars-server HTTP/1.1
    > Host: example.com
    >
    < HTTP/1.1 200 OK
    < Content-Type: text/plain
    <
    https://avatars.example.com/different-path/

? (and should it be possible to add a TXT path=different-path/ to the DNS SRV?)

Should a client cache the response for at least 24 hours?

Or instead of defining a new `/.well-known/` URI,  maybe it's better to use [WebFinger] and reuse [avatar link rel] instead?

    > GET /.well-known/webfinger?
    >   resource=mailto%3AGeorge%40example.com&
    >   rel=http%3A%2F%2Fwebfinger.net%2Frel%2Favatar
    >   HTTP/1.1
    > Host: example.com
    >
    < HTTP/1.1 200 OK
    < Access-Control-Allow-Origin: *
    < Content-Type: application/jrd+json
    <
    {
        "subject" : "mailto:George@xxxxxxxxxxx";,
        "links" :
        [
            {
            "rel" : "http://webfinger.net/rel/avatar";,
            "href" : "https://avatars.example.com/avatar/40f8d096a3777232204cb3f796c577b7";
            }
        ]
    }


And if the resource query is just the domain (I'm not sure if that's legal in WebFinger), return the avatars server:

    > GET /.well-known/webfinger?
    >   resource=example.com&
    >   rel=http%3A%2F%2Flibravatar.org%2Frel%2Frel%2Fserver
    >   HTTP/1.1
    > Host: example.com
    >
    < HTTP/1.1 200 OK
    < Access-Control-Allow-Origin: *
    < Content-Type: application/jrd+json
    <
    {
        "subject" : "example.com",
        "links" :
        [
            {
            "rel" : "http://webfinger.net/rel/avatar";,
            "href" : "https://avatars.example.com/avatar/";
            }
        ]
    }




[Confluence Avatar Server]: https://marketplace.atlassian.com/apps/19488/confluence-avatar-server
[Well-Known URIs]: https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml
[WebFinger]: https://webfinger.net
[avatar link rel]: https://webfinger.net/rel/avatar/
[RFC 7033]: https://tools.ietf.org/html/rfc7033 "WebFinger"
[RFC 5785]: https://tools.ietf.org/html/rfc5785 "Defining Well-Known Uniform Resource Identifiers (URIs)"
[RFC 6415]: https://tools.ietf.org/html/rfc6415 "Web Host Metadata"


-- 
Aslak Raanes
<http://www.ntnu.no/ansatte/aslakr>

Attachment: smime.p7s
Description: S/MIME digital signature

References

e.g. ".well-known/avatars" as an alternative/addition to DNS SRV for federated libravatars?
From: Aslak Raanes, 2018-11-10