[OpenID] is openid 2.0 a lightweight identity system?
mart at degeneration.co.uk
Fri Feb 9 08:12:19 UTC 2007
James A. Donald wrote:
> There is much to be said in favor of XML parsing and
> RDF, but by my understanding, what we get for XRDS is
> XRI - seems to me that XRDS is part of XRI support -
> indeed a great pile of stuff is there for XRI support.
> Of course my understanding of this large and complex
> spec is quite superficial, but that is my impression.
XRDS was in play before i-names became part of the spec. It was adopted
(in Yadis) to unify the discovery of services as a first step towards
bringing everything together.
> It seems to me that much of the complexity in OpenID is
> complexity that could live in XRI servers, not in OPs or
> RPs - that XRI could be changed to accommodate OpenID,
> rather OpenID changed to accommodate XRI
I was told when we were last discussing this that XRI/i-names support is
only a SHOULD, so in theory you could leave it out if you wanted. It'd
hurt the user experience for i-names users, but if you don't care about
i-names then you probably don't care about that! :)
Having said that, I can't locate the relevant SHOULD in the spec, so
it'd be cool if one of the spec authors could point it out.
However, much of the pain of supporting XRI is hidden away in proxy
resolvers. I seem to recall that there was one thing that they were
missing — to do with verifying canonical identifiers — which RPs must
currently do themselves. I'd strongly suggest that be added to the proxy
resolvers if at all possible, so that all OpenID RPs have to do is make
a single HTTP request to the xri.net proxy resolver and have done with it.
More information about the general