[OpenID] Proposal: SMTP service extension for Yadis discovery
mart at degeneration.co.uk
Mon Feb 5 08:17:52 UTC 2007
Dmitry Shechtman wrote:
> An SMTP service extension for Yadis discovery is proposed, inspired by
> Byrne Reese’s suggestion to allow use of email addresses as OpenID
While I like the principle, I'm not convinced that extending SMTP is the
right approach. Imagine that I already have an SMTP service on my system
that is handling mail. Now I must either:
* Hack whatever MTA I'm running to support this extension.
* Run a separate MTA on a separate address... but now I can't use my
"real" email address as my identifier because the MX points at the other
If you're going to go as far as defining a separate listener outside of
an HTTP server, there's no real reason why it has to be an extension to
anything. Imagine the following protocol:
* User enters frank at example.com.
* RP does SRV lookup for _yadis._tcp.example.com
* RP connects to a nominated address/port pair
* RP sends the literal string "XRDS mailto:frank at example.com" followed
by a \r\n.
* Service responds with "XRDS http://www.example.com/frank/~yadis"
followed by \r\n
By using SRV it can run on any address(es)/port(s) rather than having to
be the same as my mail exchanger(s). It can also theoretically accept
other similar identifiers like Jabber IDs if an appropriate mapping is
However, this doesn't have the nice "user bootstrap" quality that
HTTP-based Yadis does. I can't just get a free/cheap hosting account and
throw up an XML document; in most cases users will need a whole rented
server in order to be able to run arbitrary services like this.
I'm also not sure that there's a pressing need to use email addresses in
More information about the general