[OpenID] Anti-XRI FUD

James A. Donald jamesd at echeque.com
Sat Jan 6 04:02:03 UTC 2007


Jens Alfke wrote:
 > Currently, along with OpenID, the identity-related
 > technologies that really excite me are
 >
 > *  Unmanaged Internet Architecture
 > (http://www.brynosaurus.com/pub/net/uia-osdi-abs.html)
 > * Petnames
 > (http://www.skyhunter.com/marcs/petnames/IntroPetNames
 > .html) * YURLs
 > (http://www.waterken.com/dev/YURL/Analogy/)
 >
 > All of these are 100% decentralized, using DNS only as
 > an optimization.

Bookmarks, links, and google, already provide most of
the functionality required for a full zooko triangle
system.  Yurls would render domain names and PKI
irrelevant, while providing (quite transparently to the
user) the functionality that PKI promised, but did not
in fact deliver, as the phishing storm demonstrates.

However yurls are not human readable or writeable, so in
an yurl based world, if a yurl is one's identifier, it
would need to be filled in by the browser.  Openid, as
specified at present, is designed so that it needs no
browser extension or browser helper object.  A yurl id
would need a browser extension.



More information about the general mailing list