[OpenID] Where can I get a free i-name?
Drummond Reed
drummond.reed at cordance.net
Mon Jan 15 06:29:23 UTC 2007
>> Martin Atkins wrote:
>>
>> There's no reason why the display identifier and the key identifier have
>> to be the same, as long as you've ensured that the substitution is valid.
>
>Dmitry Shechtman wrote:
>
>...further complicating already overly complicated implementation. I have
>started integrating OpenID into an existing system, and it wasn't too
>pleasant an experience, even before XRI support was considered.
I'm the first one to admit that having to deal with both reassignable and
persistent identifiers is a PITA. But with OpenID, a user's digital
identifier IS the root of their digital identity, so if it reassigned to
someone else, the consequences are disastrous. At a meeting I attended last
week it was explained this way: no one would design a database where the
primary key for record might be reassigned to a different record in the
future. It would threaten the integrity of the entire system.
Again, this is one of the main reasons XRI happened starting over five years
ago -- it was anticipating precisely this point at which digital identifiers
became the key to a whole layer of digital identity services. Once that
happens, having a persistent key (i-number) to which one-or-more
reassignable keys (i-names or URLs) can point becomes really important.
>> (Though there are questions about correctly cleaning all this up later
>> when the i-name gets reassigned and the new owner signs in.)
>
>That shouldn't be much of a problem. The i-name is just another property of
>the user, so it can be easily reassigned to another one (replacing the old
>i-name display with i-number?).
Yes, the i-name is just a property/attribute/claim of the user whose
persistent key is the i-number. If the user later drops that i-name (i.e.,
lets it expire or reassigns it to someone else) and starts using another
i-name, the RP can just update the reassignable synonyms in its user table,
however the i-number is never replaced (because it's persistent).
See the recommended guidelines for how RPs should handle both URLs and XRIs
as OpenID identifiers (from an earlier thread on this subject) on the
dev.inames.net wiki at:
http://dev.inames.net/wiki/index.php/Tech_FAQs#What_are_the_recommended_modi
fications_OpenID_Relying_Parties_.28RPs.29_should_make_to_their_user_tables.
3F
=Drummond
More information about the general
mailing list