[OpenID] No benefits of XRI i-names/i-numbers as OpenIDs (was: is openid 2.0 a lightweight identity system?)
number5 at gmail.com
Tue Feb 13 08:35:52 UTC 2007
---------- Forwarded message ----------
From: Bruce Wang <number5 at gmail.com>
Date: Feb 13, 2007 4:30 PM
Subject: Re: [OpenID] No benefits of XRI i-names/i-numbers as OpenIDs (was:
is openid 2.0 a lightweight identity system?)
To: Stephane Bortzmeyer <bortzmeyer at nic.fr>
On 2/13/07, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> On Mon, Feb 12, 2007 at 12:21:19AM -0800,
> Drummond Reed <drummond.reed at cordance.net> wrote
> a message of 80 lines which said:
> > though persistence is probably the most important one. When I
> > explain to someone new to OpenID that if they use a URL as their
> > OpenID, and they ever lose the registration of that URL, someone can
> > take over their OpenID identity COMPLETELY, they have a pretty
> > strong reaction. It's a bigger issue than most folks realize
> And it is mostly FUD. A *lot* of organizations spread FUD on URL and
> try to sell a "permanent" registration service. Probably because they
> are jealous of Verisign and would like to earn a market share like
> them. XRI is just one of the smallest and less credible contenders in
> that area.
> They forget that "permanent" is an administrative issue, not a
> technical one. It is easy to have permanent URI. Permanent URL are
> more difficult but it is the same thing for any other "permanent"
> scheme. If xdi.org collapses, what will become of your "permanent"
The most thing I love of OpenID is that it's a *decentralized* identity
system, anyone with enough knowledge could setup a OpenID server in minutes,
and with YADIS delegation support you can switch your IdP in seconds, so
there is no single failure point, and there is no Big Brother could control
or monitor everything.
Yes, the url scheme still depends on DNS system, but DNS system is an *open
system* and running successfully for decades to support the Internet. We all
known how DNS system work and trusted it for a very long time.
So please don't make simple things complicated, i-names could be easily
support using idproxy.net like proxy, we don't need it in the core OpenID
simple is good
simple is good
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the general