Draft charter for v.Next Attributes working group

Paul E. Jones paulej at packetizer.com
Wed May 12 02:41:35 UTC 2010


Santosh,

Why not store the claimed ID in the webfinger (LRDD) XRD document?

The objective, I would hope, is to make it easier to log into web sites.
Email-style identifiers make that easier, but the system does not have to be
built around those.

So, I sign up with a service provider.  Let's just use my own site as an
example.  I am assigned an email address paulej at packetizer.com.  Behind the
scenes, I am also assigned an OpenID ID http://openid.packetizer.com/paulej.
Now, when I visit a web site, I can type 'paulej at packetizer.com' and the
site can perform a webfinger query to discover my OpenID ID.  We would
define a link relation (something we've talked about before) that represents
openid.  It could be http://openid.net/identity or it could be simply
"openid" (since link relations need not be URIs).  Looking at the href of
the "openid" link relation, one would find my OpenID URI
http://openid.packetizer.com/paulej.

Now, should I wish to have a different email provider than my openid
provider, that's fine: I could change the record associated with the openid
link relation to contain a different OpenID identifier.  Alternatively, I
could just get an account at someopenidop.com and they might assign an
e-mail style address like paulej at someopenidop.com and perform the Webfinger
resolution behind the scenes.

Anyway, issue this request:

$ curl "http://www.packetizer.com/lrdd/?uri=acct:paulej@packetizer.com"

You'll see the link relation for my claimed ID:

<Link rel="http://openid.net/identity"
      href="http://openid.packetizer.com/paulej"/>

It does introduce another protocol, but I think these play nicely together.
The real identity would remain the URL that OpenID uses today.  The email
identifier would just be an alias for it.

Paul

From: Santosh Rajan [mailto:santrajan at gmail.com] 
Sent: Tuesday, May 11, 2010 12:39 PM
To: Paul E. Jones
Cc: Mike Jones; jsmarr at stanfordalumni.org; openid-specs at lists.openid.net;
tech-comm at openid.net
Subject: Re: Draft charter for v.Next Attributes working group

On Tue, May 11, 2010 at 8:55 AM, Paul E. Jones <paulej at packetizer.com>
wrote:

Adding support for email-style addresses is something I like, but something
that can be provided via webfinger.  Thus, no change to the base protocol.

I beg to disagree here. I think the base protocol needs to address the issue
of email-like identifiers. I would like to see that email-like identifiers
are valid OpenID claimed IDs.

So something like acct:example @ example.com should be a valid OpenID
claimed_id.

Also this discussion should not be in this thread (about attributes) and
maybe someone could start a new thread on this subject.

Thanks

Santosh

http://hi.im/santosh
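
The lookup described in the message above, seen from the relying party's side, as an added example that is not part of the original e-mail or of any OpenID code: it parses an XRD, selects the link with rel http://openid.net/identity, and validates the href before treating it as a claimed ID. The sample XRD, the Subject check and the http(s)-only rule are assumptions made for this example; the message does not specify them.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

XRD_NS = "{http://docs.oasis-open.org/ns/xri/xrd-1.0}"
OPENID_REL = "http://openid.net/identity"  # link relation used in the message

# Constructed sample response (assumption: not a capture of the real endpoint).
SAMPLE_XRD = """<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0">
  <Subject>acct:paulej@packetizer.com</Subject>
  <Link rel="describedby" href="http://example.com/profile"/>
  <Link rel="http://openid.net/identity"
        href="http://openid.packetizer.com/paulej"/>
</XRD>"""


class DiscoveryError(ValueError):
    """The XRD cannot be trusted to name a claimed ID for this account."""


def claimed_id_from_xrd(xrd_text, account):
    """Return the OpenID claimed ID that the XRD advertises for `account`."""
    # The XRD comes from a remote host: refuse DTDs so no entities get expanded.
    if "<!DOCTYPE" in xrd_text or "<!ENTITY" in xrd_text:
        raise DiscoveryError("DTD not allowed in XRD")
    try:
        root = ET.fromstring(xrd_text)
    except ET.ParseError as exc:
        raise DiscoveryError(f"malformed XRD: {exc}") from exc
    if root.tag != XRD_NS + "XRD":
        raise DiscoveryError("not an XRD document")
    # Assumption: a Subject, when present, must be the account that was queried.
    subject = root.findtext(XRD_NS + "Subject")
    if subject is not None and subject.strip() != account:
        raise DiscoveryError("XRD describes a different subject")
    # First matching link wins (XRD lists links in priority order).
    for link in root.findall(XRD_NS + "Link"):
        if link.get("rel") == OPENID_REL:
            href = (link.get("href") or "").strip()
            parts = urlsplit(href)
            if parts.scheme not in ("http", "https") or not parts.hostname:
                raise DiscoveryError("claimed ID must be an http(s) URL")
            # The alias only points at the identity; OpenID authentication
            # against this URL still has to succeed before anyone is logged in.
            return href
    raise DiscoveryError("no OpenID link relation in XRD")
```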


