[OpenID] Don't you think digital identity URIs should have a specific TLD ?

seb20 seb.deuxzero at googlemail.com
Thu Jan 4 07:45:55 UTC 2007

Hi Bob,

Thanks for your reply, and sorry for the delay (christmas season :-)  
Please see my comments bellow.:

On 27 Dec 2006, at 21:12, Bob Wyman wrote:

> On 12/22/06, seb20 <seb.deuxzero at googlemail.com> wrote:
> > I'm new to OpenID, and I would like to have your feedback on this
> > post I wrote on my blog
> One of the important goals in this effort is to make identity as  
> easy as possible. I think your proposal would make things harder  
> for everyone -- even though it is something that initially sounds  
> quite reasonable. The problem is that over the years we've learned  
> that even things that sound "reasonable" can be fraught with  
> problems that appear in practical use. If identity URLs were to be  
> assigned only under some new ICANN created domain, then we would  
> have a number of very serious problems to deal with:
> It isn't certain that ICANN would, in fact, create the new domain.
> Internationalization is an issue. ".ego" might make sense for a  
> number of languages, but we would probably see folk in some  
> countries insist that an "identity" domain be established to  
> "sound" like something in their language. This would eliminate the  
> value of a single top-level domain.

When you think about all the current TLD (org, com, edu, etc...) they  
all refer to the latin language (organization, commerce,  
education, ...). 'ego' means 'I am' in latin. Of course, we could use  
'id' (current TLD for Indonesia)... TLD is full of meaning, even if  
it does not mean anything; but we tend to think that a .org domain  
will be used by a non profitable organization, that .com domain will  
be used by a commercial website. 'ego' or 'id' domains would just  
mean that this url is not a domain address, but an identity address.

> Even if ICANN did create the domain, it wouldn't happen for a long  
> time. ICANN is not known to move fast...

So we must start to lobby now ;-)

> We wouldn't know for some time what the process would be for  
> assigning identities under the domain.
> Just as we have "competition" for subdomain names now, we would  
> have yet-another-namespace to fight over. I have "wyman.us" today.  
> How likely am I to be able to get " wyman.ego" assigned to me? (Not  
> likely... I would probably end up with something truly ugly like  
> "wyman0233.ego"...)

In France, the .fr TLD is strictly assigned to the people who are the  
most legitimate; for example, I will have difficulties to buy someone  
else's name domain. It's the local ICANN contact who is in charge of  
checking this.

To make it less complex to manage, the digital identity urls should  
not match only the names, but should refer to other things like your  
company, your district, etc... (which means we could have several  
digital identity urls): sebastien.sacard.microsoft.ego,  
sebastien.sacard.ca.usa.ego, etc...

These digital identities urls should be allocated by legal  
authorities, or private companies (where you work, your bank: exactly  
like today where they issue a credit card or a badge with your name  
on it).

> The current system allows anyone to create an identity URL and it  
> allows anyone to create as many as they might like. Thus, I can  
> easily create an identity for my daughter under the wyman.us domain  
> without needing anyone's permission and without paying anyone for  
> the privilege. This freedom to create identities would be lost to  
> some number of centralized "identity domain brokers" if we relied  
> on special ICANN allocated domains. That would not be good.
Not necessarely: even if the domain is specific, any registrar could  
do it and we would have so many identity domains brokers that we  
could find some who would do it for free. And as proposed bellow, it  
could be legal authorities to provide these urls, automatically when  
you are born, or when you join a company, or join a club, etc...

> The more namespaces are associated with each user, the more  
> confusing naming and using names becomes. It's hard enough for folk  
> to remember that "wyman.us" is my domain (not " bobwyman.com" or  
> "wyman.com"). It would be very hard for people remember the  
> association between "wyman.us " and "wyman.ego". (Does wyman.ego go  
> with wyman.us or with wyman.com?) It would be harder to remember  
> the connection between " wyman.us" and "wyman0233.ego".
Digital identities are not meant to be used by others, but by  
yourself - most of the time, your digital identity url will be  
attached to your mail, displayed on your website, etc. Basically on  
any document you need to be identified. Just like your email address.

> Creating a subdomain under ".ego" would probably require paying  
> money to someone. This incremental expense would be a significant  
> burden to quite a few users who either don't have the funds or  
> don't have the mechanisms to pay ( i.e. they would inevitably need  
> credit cards. Not everyone who needs an identity has a credit card.)
I hope not - digital identities urls should be provided by legal  
authorities, or companies.

> I'm sure there are other considerations. But, keep thinking of  
> ideas in this space. There is still much room for new ideas and  
> creativity.

I will, thank you !

> bob wyman

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070104/b9ec8112/attachment-0002.htm>

More information about the general mailing list