[OpenID] Anti-XRI FUD

Jens Alfke jens at mooseyard.com
Wed Jan 3 08:14:36 UTC 2007


On 2 Jan '07, at 7:28 PM, Gabe Wachob wrote:

> It sounds to me like a lot of people are upset that somehow INames  
> are not
> totally decentralized. OK, I can understand that's an issue for  
> some, but
> for those folks working on INames, its not the primary concern...  
> INames
> picked two.

That may be because decentralization was a key goal of OpenID from day  
one. The very first thing I remember reading about OpenID was Brad's  
initial web-page on danga.net, wherein he described OpenID as (I'm  
paraphrasing slightly) "an actually decentralized identity system"  
that "doesn't break if one site/domain goes down or turns evil".

Brad was, I believe, tweaking the nose of the first version of Sxip,  
which had recently been unveiled, and which had a single point of  
failure at sxip.net's DNS servers. As far as I can tell (and that's  
not very far, since the state of XRI/iNames documentation seems  
spectacularly poor*) iNames have exactly the same problem. Yes, anyone  
can run their own XRI resolver, but it seems that all of them  
bottleneck through an HTTP request to a subdomain of xri.net.

Obviously, global namespaces have utility**, management of the root  
names is a natural monopoly, and root names take work to maintain and  
serve; all of which means that root names have monetary value. But we  
already have a global namespace in DNS. And since a global namespace  
is a necessary evil, you'll have to work extremely hard to convince me  
(and many others) that we somehow need another one.

In particular, from my reading I do not get any sense that XRI is  
sufficiently superior to DNS/OpenID as to make it worthwhile. It does  
seem somewhat better, but it would have to be many times better to  
justify the re-invention of all these wheels. To me, it smells like  
earlier failed efforts such as X.500 and Xanadu, which tried to create  
overly complex systems that ended up not being sufficiently better (or  
comprehensible) to survive against the simpler protocols that won.

--Jens

* I was, by coincidence, trying to find coherent docs on iNames  
tonight, before I found this thread in my inbox. I've been in this  
industry for 20 years and have read a buttload of RFCs; and usually I  
can make sense of a new technology. With XRI it feels like the RFC- 
equivalents have been mixed together, shuffled with brochures of pure  
marketing hype, shredded, and scattered all over creation.

** The iNames marketing stuff points out how simple and clear they  
are. And "=bob" or "=fred.smith" does seem so concise. But that only  
works because only a few hundred people actually have iNames so far.  
After a few million have been snapped up, the latecomers won't be able  
to get anything nearly that nice: just like AOL users, they'll be  
stuck with "=fredsmith226365" or "=ilikecheeeeez", and the  
memorability advantage is completely lost.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070103/2baa8d9b/attachment-0002.htm>


More information about the general mailing list