Draft OpenID v.Next Discovery working group charter

Dan Brickley danbri at danbri.org
Fri Apr 16 07:50:10 UTC 2010


Hi there

On Fri, Apr 16, 2010 at 3:50 AM, Paul E. Jones <paulej at packetizer.com> wrote:
[...]
>> The solution to the comcast.com issue in my view has to be a solution
>> for all of Alice's internet activities. It has to work for email and
>> her blog and her jabber chat. Since they use DNS as the name scheme,
>> her only real solution to the comcast issue in that case is to buy her
>> own DNS name. That solution must be a sufficient solution for OpenID
>> as well - if it is going to deserve the term 'open'.
>
> Yeah, this is a challenge.  A DNS solution will not help, though.  Once one
> has a Jabber ID, that can't be so easily changed.  Once one has an email ID,
> that can be so easily changed, either.  This is one reason why I own my own
> domain -- so I can run all of these services myself.  That's just
> unreasonable for most.

Is it really unreasonable for most Internet users to own their own
domain(s)? Why exactly?

It is certainly unreasonable to expect them to understand all the
complex knobs and switches in a typical DNS registrar Web admin panel;
those things are a mess, even for expert users. In many countries, it
is probably unreasonable to expect all citizens to be able to afford
current prices. Given the way things are structured currently, it
certain is *ambitious* to aspire to everyone owning their own domain
names. But I don't see any impossible challenges here. If mass market
online banking can happen (and it seems to be happening), then mass
market DNS is feasible too.

>> That is why one of the routes I see for evangelizing OpenID is to go
>> to the big DNS registrars with a value proposition: If they support
>> OpenID it will increase the value of the names they sell. I can go to
>> Bob Parsons with a really good argument that he can see a fast return
>> on investing in OpenID.

I think this is exactly right. If the registrars want to do this in a
lightweight manner, they could even simply allow users to delegate
their self-owned OpenID URI over to facebook/google/yahoo and friends.
 If the registrars want the privilege of saying 'hello buddy (and
here's an advert)' to their users several times a week instead of
several times a year, OpenID should have some appeal there too. Not to
mention the larger privilege of potentially seeing much more of what
their users do in their online activities. There is a rich spectrum of
possibilities here for behaving well, and also it must be said, for
behaving less well; for investing a little, or investing a lot. And
that's what could turn it into a real marketplace...

> If you're suggesting that Go Daddy ought to push OpenID and other value-add
> services and sell users domain names that are equipped with those services,
> yeah... fully agree.  It's not too much to ask to pay $10/yr to get those
> kinds of services.  For whatever reason, domain sellers have only focused on
> email, web hosting, SSL, and a few more geeky things.

OpenID (and XMPP) could join that list quite easily, except most
customers don't realise they want it yet.

> If users really do care about preserving their identity on the Internet, I
> can definitely see a user-friendly service being quite popular.  But, do
> people really care about preserving their identities?

It might just be a matter of time. After a few more years of startups
failing and larger companies getting complacement, the levels of
anecdotal anger in circulation might be enough to motivate people
towards independence.  For example, if someone like Yahoo were to
eventually screw up something as widely loved as Flickr, or Twitter
found themselves overstepping the mark re targetted advertising
(apologies to those companies - purely examples, I just happen to use
and hence depend on those sites). People tend to complain more loudly
than they praise, so I fear it'll take a high profile screwup or two
before the value of this kind of freedom is really appreciated.

I think in open data (W3C semweb, dataportability.org etc) circles we
have cared too much about formats and protocols, and too little about
identifiers/domains. It isn't data lock-in that keeps my photos on
Flickr, since their API generously exposes everything. It's (a) their
ongoing of quality of service (b) link-based lock-in: moving my stuff
would break every link to it in the Web. I can't see a plausible way
around this without getting more users engaged with switching at the
DNS level. WebFinger might be a plausible indirection mechanism for a
single identifier, but these issues affect the entire business of
general Web hosting too.

While sites like Flickr might benefit from having all their users on
one big fat domain name, there could be other benefits (link karma;
until the search engines catch up?) to having ways for them to e.g.
negotiate temporary control of my photos.danbri.org domain.  All that
said, the fact that blogger switched off FTP based publishing to
user-owned domains suggests the trend could just as easily go in the
other direction.

cheers,

Dan


More information about the specs mailing list