[OpenID] Anti-XRI FUD

Gabe Wachob gabe.wachob at amsoft.net
Wed Jan 3 03:28:08 UTC 2007 

James Donald wrote: 
> This open standard, if widely adopted, means that one
> particular entity gets a monopoly over all names, and
> can charge for them what the market will bear. It is an
> open standard for interfacing to a proprietary for
> profit service.

This FUD has gone too far. 

We need to all take a breath, introduce some facts, and then we can have a
useful conversation.

If you read the XRI specifications, you will see that anyone can be a root.
INames is one deployment of XRI where a bunch of folks have gotten together
and decided to cooperate on some global namespaces to provide resolution
that is available to anyone - and yes, this is centralized. 

If you want to run other roots (using XRefs, or even, I suppose the GCS
characters) then by all means, go ahead. From day *one* when I was at Visa,
we wanted to be crystal clear that use of XRI didn't have to depend on an
outside party. Believe you me, Visa wants to be the root of all things Visa
and that attitude is built into the core of XRI. 

James Donald also wrote:
> A full implementation of Zooko's triangle is multi
> rooted, and functions similarly to the way we handle
> actual human names or words in the English language.
> You don't have to apply to anyone for permission to use
> a name, or pay a fee to someone for use of that name,
> nor can that name be suddenly taken away from you after
> you have developed a lot of customer loyalty towards
> that name.

That's why XDIORG has set of policies around these pricing issues. Have you
read them? I'm not associated with XDIORG and have not been involved in the
creation of these policies, but they are there for everyone to read:
http://gss.xdi.org 

And "a full implementation of Zooko's triangle" is a nonsensical statement.
To quote zooko: "Names: Decentralized, Secure, Human-Meaningful: Choose Two"
(or "global", "securely unique", "memorable", depending on how you break it
down. 

I believe XRI allows you to choose two (and go a ways towards number 3)
depending on how you deploy the XRIs. You can deploy XRIs in a
self-authenticating way (e.g. with keys in the XRIs themselves, or with
public keys in trusted resolution as defined in the XRI resolution spec),
you can deploy them totally decentralized (e.g. with a private root that
specifies resolution in some manner that is not currently defined), and of
course you can deploy XRIs in human friendly/memorable form. I believe the
INames deployment favors security and user-friendliness over
decentralization. 

It sounds to me like a lot of people are upset that somehow INames are not
totally decentralized. OK, I can understand that's an issue for some, but
for those folks working on INames, its not the primary concern... INames
picked two. 

That being said, if someone is interested in talking about using XRI in a
totally decentralized manner, I'm interested in that too - not sure how that
would work with OpenID where you need to have some sort of global
discoverability, but we can talk about it. I posted something on a
decentralized naming concept with XRI at
http://blog.wachob.com/2006/08/routing_on_flat.html 

   -Gabe

More information about the general mailing list