[OpenID board] [OpenID] ICANN - dotOpenID Has Found Its First Sponsor

Martin Atkins mart at degeneration.co.uk
Sat Sep 27 08:55:00 UTC 2008


Hans Granqvist wrote:
> Wrong end of the URL!
>
> A big problem with OpenID is that it uses ugly URLs as identifiers.
> That they start with "http://" and have dots. It's not what TLD they
> end with that is a problem.
>   
Much like when URLs are published in the press, the http:// prefix and 
the single-slash path component can be omitted when displaying these 
URLs to users. I wish more RPs would do this.

As for it being a problem that the identifiers contain dots... that's 
clearly a subjective issue!
> Anyway, compared to say, ".com", how will creating ".openid" help
> improve anything? Looks like a misspelling of "opened". "myid"
> isn't much better.
>
>   

One thing that amuses me about this proposal is that putting everything 
OpenID in one DNS domain would make it look a lot like the first version 
of Sxip where the IdPs where subdomains of sxip.com (or something like 
that; it's been a while.)

I know that's not exactly what's being proposed here, but it did make me 
chuckle from a "what's old is new again" perspective.

One thing I would be interested to know is whether having a new 
top-level domain for identifiers would make it possible to use different 
rules inside that domain such as requiring DNSSEC. It's become clear 
that getting DNSSEC deployed right at the root and in the existing TLDs 
is not happening soon, but perhaps it can be used under a new TLD if RPs 
support it. I confess to not knowing a great deal about DNSSEC, but it 
seems to me that in order for it to be worth having a new TLD 
*something* has to be different to the existing free-for-all domains. 
Addressing the concern that OpenID depends on DNS and DNS is insecure 
would be a useful goal.





More information about the board mailing list