[OpenID] Don't you think digital identity URIs should have aspecific TLD ?
Bob Wyman
bob at wyman.us
Thu Dec 28 05:47:47 UTC 2006
On 12/27/06, Drummond Reed <drummond.reed at cordance.net> wrote:
> XRI infrastructure solves this problem by explicitly supporting
> reassignable identifiers (i-names) and persistent identifiers
> (i-numbers) and permitting the resolution of any reassignable
> i-name to be mapped immedidately to a synonymous
> never-reassigned i-number which can be safely stored by an
> OpenID Relying Party without exposing the identity owner to the
> risk of having their i-name "taken over".
The XRI Syntax specification says that a Persistent Identifier is "An
identifier that is permanently assigned to a resource and intended never to
be reassigned to another resource." While it may well be the "intention"
that such persistent identifiers are never to be reassigned, one must accept
that an "identity owner" is, in fact, exposed to some "risk of having their
i-name 'taken over'" in the case of unintended events. There is nothing
technical which prevents the taking over of XRI persistent identifiers. The
only thing that reduces risk here is people's and organization's willingness
and ability to follow the rules. Such trust may well be reasonably held, but
there remains an ineradicable risk of entities' failure to perform as
intended... (Note: The previous comments should not be taken as a criticism
of XRI. This 'risk' is an inevitable characteristic of this class of system
and of this type of "solution".)
bob wyman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20061228/73c7926c/attachment-0002.htm>
More information about the general
mailing list