[OpenID] Identifier persistence (was RE: Don't you think digital identity URIs should have aspecific TLD?)
James A. Donald
jamesd at echeque.com
Sun Dec 31 03:59:44 UTC 2006
Drummond Reed wrote:
> The XRI Syntax specification says that a Persistent
> Identifier is "An identifier that is permanently
> assigned to a resource and intended never to be
> reassigned to another resource." While it may well be
> the "intention" that such persistent identifiers are
> never to be reassigned, one must accept that an
> "identity owner" is, in fact, exposed to some "risk of
> having their i-name 'taken over'" in the case of
> unintended events. There is nothing technical which
> prevents the taking over of XRI persistent
> identifiers.
To prevent such misuse by technical means, the XRI
persistent identifier, in the case of an indentifier
associated with a person, would need to be something
such as the hash of the public key of a private key held
by that person.
Unfortunately, past efforts to create systems based on
individuals holding private keys have produced systems
that were rather user hostile.
I still favor such a system, and believe if done right
it would be usable, but there is a long history of such
systems being unusable.
The concept of having reassignable identifiers and
persistent identifiers is an example of Zooko's
triangle, however XRI is only a partial and incomplete
implementation of Zooko's triangle
More information about the general
mailing list