[OpenID] Proposal for Modularizing Auth 2.0 Discovery

Stephen Paul Weber singpolyma at gmail.com
Mon Mar 5 13:09:00 UTC 2007

> > > I own markbaker.ca., and publish http URIs in that namespace.  I might
> > > (I don't) also have email addresses there, say mark at markbaker.ca.  If
> > > a public standard were crafted which defined a mapping for
> > > mailto:mark at markbaker.ca to something under http://markbaker.ca (say,
> > > http://markbaker.ca/~mark), then by virtue of minting a new
> > > markbaker.ca email address, the corresponding http URI is now
> > > effectively reserved, and unavailable for me to use as anything other
> > > than an alias.

This is not fully true.  Since OpenID simply requires one to place
invisible metadata in a page, that page can be ANYTHING and still work
as an OpenID.  It can be an ad for rabbits and an openid for bill
gates, and everything will work fine.

Same goes for user at host.tld  <-- legal HTTP URI, maybe something else
is already there, but all that is needed is the metadata.

More information about the general mailing list