[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0? (IIW session))

Recordon, David drecordon at verisign.com
Sun Jul 8 19:19:35 UTC 2007 

Realizing I'm jumping in late, though I'd have to agree with Mart here.
For a while I've felt strongly that the OpenID spec around discovery
should only describe what to do with = and @ i-names and recommending
use of the proxy resolver.  Then saying that if a RP wants to accept
other forms of an XRI it needs to figure out how to do so on its own.

--David

-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Martin Atkins
Sent: Monday, June 11, 2007 4:21 AM
To: general at openid.net
Subject: Re: [OpenID] Recycling OpenIDs (Was: What's broken in OpenID
2.0? (IIW session))

Peter Williams wrote:
>  
>  Only control of the unique inumber (which could 
>> be based on Freenet DHTs as easily as on DNS) offers the 
>> non-subvertible persistent identity desired by anyone seeking 
>> complete freedom from authority.
> 
> This is what I just cannot get my head around - on what the mainline
> OpenId community is actually doing! XRI can mean so many things,
> depending on the management model one applies to its generic
framework.
> The above is one extreme, whose existance is important (if rarely
> actually leveraged) when seeking mass adoption.
> 

I'm gravely concerned by several recent messages that have said things 
along the lines of "Problem X is not a problem because XRI 
infrastructure can *theoretically* do Y."

I can only get behind XRI being in the OpenID 2.0 spec if:
  * A particular, interoperable protocol or set of protocols is called 
out and described completely.
  * The whole end-to-end resolution process mapping a defined set of 
XRIs that are allowed when using OpenID to a particular XRDs document is

written down clearly somewhere in a manner that is suitable for OpenID 
developers that have no interest in the rest of the XRI infrastructure.
  * The implementation of the above does not place an excessive burden 
on RP developers above and beyond what they have to include to support 
HTTP URLs.

I was starting to warm to the idea of supporting i-names on the basis 
that they are well defined, reasonably well-understood and they can be 
supported with minimal burden through the use of a proxy resolver. 
However, if that same mechanism cannot be applied to these 
"peer-to-peer" XRIs or XRIs from alternative roots then I don't believe 
that they can reasonably be included in the OpenID 2.0 specification. 
OpenID developers should not have to jump through hoops to implement a 
protocol that has little adoption thus far and has yet to prove itself.

(As usual, I'm speaking only for myself here.)


_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

More information about the general mailing list