LID 2.0 Canonical LID URL
From LID Wiki
Issue
How do we tell whether two LID URLs are equal? For example, is http://lid.netmesh.org/liddemouser the same LID URL as http://lid.netmesh.org/liddemouser/ (trailing slash)? What about https://lid.netmesh.org/liddemouser (HTTPS protocol)?
This is very important for operations such as checking of the public key. If a signed LID operation carries a certain LID as argument, but the signature is from the same URL without the trailing slash, should the signature be considered good or bad? What if one uses HTTPS instead of HTTP?
Resolution
LID URLs shall only be compared against each other after they have been canonicalized. Two LID URLs are equal, for purposes such as public-key validation, if and only if their canonicalized forms are equal.
The algorithm for converting a LID URL into its canonical representation is as follows:
- if the protocol is https, replace the protocol with http.
- if the protocol is now anything other than http, the URL is not a LID URL. (note: this requirement may be relaxed in the future)
- a URL that contains a user and/or password component is not a LID URL
- a URL that specifies port 80 or 443 (e.g. http://example.com:80/joe) will be converted to a URL that does not specify a port (e.g. http://example.com/joe).
- if the host component refers to a relative name, replace the host component with a fully-qualified DNS name. For example, the LID URL http://charlie/foo, used within company example.com's intranet, would be converted to http://charlie.example.com/foo.
- all components of the path must be unescaped to the maximum extent possible. For example, if a LID URL contained %41 as a character, this character needs to be replaced by its unescaped version A.
- any spaces in the path must be replaced by +. (Note: spaces in LID URLs are strongly discouraged)
- any trailing slash is discarded. For example, the LID URL http://lid.netmesh.org/liddemouser/ would be replaced by http://lid.netmesh.org/liddemouser. This conversion is performed even for URLs that refer to the top resource on a host (e.g. http://example.com).
Consequences:
- Trailing slashes are ignored
- URLs whose only difference is https vs. http are considered to be the same LID URL.
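The conversion steps above, written out in Python as an added example; it is not code from the LID project. The names canonical_lid_url, same_lid_url, NotALidUrl and the local_domain parameter are hypothetical. Assumptions: hosts are DNS names rather than IP literals, escapes for / ? # % and for control or non-ASCII bytes stay escaped so that unescaping cannot change how the URL parses, and any query or fragment is carried through unchanged.

```python
import re
from urllib.parse import urlsplit

class NotALidUrl(ValueError):
    """The input cannot be a LID URL under the rules listed above."""

_ESCAPE = re.compile(r"%([0-9A-Fa-f]{2})")

def _unescape_path(path):
    # Assumption: "to the maximum extent possible" stops at escapes whose
    # decoding would change how the URL parses (/ ? # %), and at control or
    # non-ASCII bytes; those stay escaped, with the hex digits upper-cased.
    def decode(match):
        code = int(match.group(1), 16)
        if 0x20 <= code < 0x7F and chr(code) not in "/?#%":
            return chr(code)
        return match.group(0).upper()
    return _ESCAPE.sub(decode, path)

def canonical_lid_url(url, local_domain=None):
    """Return the canonical form of url, or raise NotALidUrl."""
    parts = urlsplit(url)
    scheme = "http" if parts.scheme == "https" else parts.scheme
    if scheme != "http":
        raise NotALidUrl("protocol is not http or https")
    if "@" in parts.netloc:
        raise NotALidUrl("user/password component present")
    host = parts.hostname  # urlsplit lower-cases the host name
    if not host:
        raise NotALidUrl("no host component")
    if "." not in host:  # relative name: needs the caller's DNS domain
        if not local_domain:
            raise NotALidUrl("relative host name and no local domain")
        host = f"{host}.{local_domain}"
    port = parts.port  # raises ValueError on a malformed port
    if port not in (None, 80, 443):
        host = f"{host}:{port}"
    path = _unescape_path(parts.path).replace(" ", "+")
    if path.endswith("/"):
        path = path[:-1]
    # Assumption: query and fragment are carried through unchanged.
    query = f"?{parts.query}" if parts.query else ""
    fragment = f"#{parts.fragment}" if parts.fragment else ""
    return f"{scheme}://{host}{path}{query}{fragment}"

def same_lid_url(a, b, local_domain=None):
    """Compare two LID URLs by their canonical forms only."""
    return canonical_lid_url(a, local_domain) == canonical_lid_url(b, local_domain)
```

A signature check would call same_lid_url on the LID carried in the request and the LID the key was fetched from, and treat a NotALidUrl error as a failed match.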
Caveat
This algorithm is to be applied for LID URL comparisons only. There is no requirement for a LID Server, for example, to be able to serve both http://lid.netmesh.org/liddemouser (no trailing slash) and http://lid.netmesh.org/liddemouser/ (trailing slash). Instead, LID Clients must behave gracefully when the LID Server issues a redirect from the former URL to the latter (as web servers do automatically in many cases when trailing slashes are missing for URLs.)

