If you are a geek, you probably have no problem to use an URL as an identifier. But for “normal” users it is a bit strange to use an URL, they are more accustomed to use an email address as an identifier. And so a protocol has been defined to transform email addresses to URLs: Email Address to URL Transformation (or short: EAUT).
The protocol works in the following way (optimal scenario):
- The user enters his email address, e.g. email@example.com
- The server makes a request to http://example.com to get the location of an XML file with EAUT information
- The server retrieves the XML file
- Using the information from the XML file, the server transforms the email address to an URL, e.g. firstname.lastname@example.org to http://daniel.example.com
- The server can now use this URL, for example, to perform an OpenID authentication
For the curious the XML file for the transformation described above:
<?xml version="1.0" encoding="UTF-8"?> <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)"> <XRD> <Service priority="0"> <Type>http://specs.eaut.org/1.0/template</Type> <URI>http://%7Busername%7D.example.com</URI> </Service> </XRD> </xrds:XRDS>
Ok, that was a short introduction to EAUT, for more details I recommend to have a look at the specification.
If you want to use EAUT in your application, you do not have to care much about the protocol details. There are libraries for PHP, Python, and Rails, which do the heavy work for you.
And to make it even easier for cakebakers, I integrated EAUT support into the latest version of the OpenID component. To enable it, you simply have to place the EAUT library (Email.php) in the vendors/Auth/Yadis folder. And with that it should also be possible for your users to use an email address instead of an OpenID for authentication purposes.
PS: On September 13/14 there will be a NoseRub DevCamp