XRI confusion

Dick Hardt dick at sxip.com
Thu Oct 19 05:56:18 UTC 2006


Hey Drummond

In reviewing:
	http://www.lifewiki.net/openid/ConsolidatedDelegationProposal
...
Summary of Motivations

4. Enable RPs to take advantage of XRI CanonicalIDs to protect
End-Users from ever having their Portable Identifier reassigned (and thus
their identity taken over).
....

How would a user ever learn what their CanonicalID is?

If their Portable Identifier (i-name) is reassigned, then they will
be sent to an IdP for the new Canonical ID, expecting credentials
from the new owner. The user will never make it back to the RP, and  
they will have no easy way of proving they are the owner of the  
CanonicalID.

Additionally, in the proposal, the i-name is not sent from the RP to  
the IdP, so how does the IdP know which i-name to address the user  
as? Also, once the user is back at the RP, the RP needs to maintain
state if they want to present to the user which i-name the user  
logged in as.

This would seem to be really important for both the IdP and the RP to  
communicate to the user which user visible identifier is being used.

-- Dick


