WebFinger Makes the Web Friendlier
September 16, 2013
WebFinger is a new IETF protocol that allows one to discover information about people and entities on the Internet. It is a RESTful protocol that returns a JSON object (referred to as a JRD) containing a set of aliases, properties, and links related to a given URI.
WebFinger is not a protocol that scours the Internet looking for information about people. Rather, it is a protocol that enables a requesting entity to retrieve specific information that is publically and purposely shared via a WebFinger server. To give a concrete example, suppose you are a member of a social networking site, wherein you can post your profile picture, publish your contact information (e.g., address, phone number, and email address), and your name. The social networking site probably has privacy mechanisms so that you can mark that information to be shared with only certain people, groups of people, or publically. If the social networking site implements WebFinger, then any information marked as “public” might be available via a WebFinger query.
Now, you might be asking yourself why anyone would care about this. Well, imagine visiting a blog and entering your email address in order to post a comment. If you publish information via WebFinger, it would be possible for that other blog to retrieve that information. So, you would not have to publish a new picture of yourself or re-enter your name. The blog could retrieve it automatically for you, just using your email address. That’s very cool.
Now, while WebFinger can work with any URI, typically clients and servers utilize the “acct” URI (refers to a user’s account) to query for information about a person. For example, my email address is paulej@packetizer.com and my acct URI is acct:paulej@packetizer.com. A blog I might visit would issue a query to the WebFinger server at packetizer.com asking for information about “acct:paulej@packetizer.com”. The response would be the JSON document I described above.
Just to show a simplified example, this is what part of the response message might contain if the server were queried using the “curl” command.
$ curl https://packetizer.com/.well-known/webfinger?resource=acct:paulej@packetizer.com
{
"subject" : "acct:paulej@packetizer.com",
"aliases" :
[
"h323:paulej@packetizer.com"
],
"properties" :
{
"http://packetizer.com/ns/name" : "Paul E. Jones",
"http://packetizer.com/ns/name#zh-CN" : "保罗‧琼斯",
"http://packetizer.com/ns/activated" : "2000-02-17T03:00:00Z"
},
"links" :
[
{
"rel" : "http://webfinger.net/rel/avatar",
"type" : "image/jpeg",
"href" : "http://www.packetizer.com/people/paulej/images/paulej.jpg"
},
{
"rel" : "http://webfinger.net/rel/profile-page",
"type" : "text/html",
"href" : "http://www.packetizer.com/people/paulej/"
},
{
"rel" : "http://packetizer.com/rel/blog",
"type" : "text/html",
"href" : "http://www.packetizer.com/people/paulej/blog/",
"titles" :
{
"en-us" : "Paul E. Jones' Blog"
}
},
{
"rel" : "http://schemas.google.com/g/2010#updates-from",
"type" : "application/atom+xml",
"href" : "http://www.packetizer.com/people/paulej/blog/blog.xml"
},
{
"rel" : "http://bitcoin.org/rel/address",
"href" : "bitcoin:17XoqvUCrf12H7Vc7c7uDxib8FDMXFx2p6"
}
]
}
This document has a lot of useful information inside. For example, it provides my name, URLs to my picture, blog, RSS feed for my blog, and my Bitcoin address.
The last example is rather interesting. For those who are not familiar with Bitcoin, it is a relatively new digital currency that is growing in popularity. One of the challenges from a user perspective with Bitcoin is sharing one’s bitcoin address reliably with people. A bitcoin “address” looks like that long string of characters following “bitcoin:” in the example above. Typing that when trying to send somebody money is prone to error. WebFinger makes it much simpler by “discovering” the address using the more familiar e-mail address. So, as Bitcoin software clients are updated to support WebFinger, one would just enter “paulej@packetizer.com” to send money, for example. The software would add the “acct” URI scheme on the front, send the query to the domain, and then look for the bitcoin address(es) returned in the JRD.
WebFinger is already utilized by standards like OpenID Connect, which allows one to log into remote web sites using their account URI. This greatly simplifies the login process and the need to fill out lots of repetitive information when creating new accounts or associating two accounts.
Of course, since WebFinger is still new, it’s quite possible that your service provider does not yet support it. The good news is that it’s very simple to implement and there are already several open source implementations of client and server code.
Permalink: WebFinger Makes the Web Friendlier