[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0?(IIW session))
Peter Williams
pwilliams at rapattoni.com
Sun Jul 8 21:28:45 UTC 2007
Ok. This is what I read into what was stated; hopefully the meaning is
true.
For reasons unstated, the spec will state
(i) how conforming systems shall handle a particular subset of
i-name name-forms, and
(ii) shall define how conforming systems shall behave when interacting
with one specific (commercial) provider of proxied, XRI name resolution
services.
The spec will offer non-standardized and non-normative recommendations
on using OpenID protocols for names and name resolution procedures other
than the above.
Now, I don't like some of the implications in that storyline. But let's
leave that opinion aside, in favor of what's good about it:-
a. OpenID1.x gave one persistent Identities for users to supply as
User-Supplied Identifiers; one leveraged the delegated authentication to
obtain provider portability.
b. OpenID2.0 gives one an XRDS-based version of the same. OpenID2.0
gives one a little more in the feature arena, in that multiple providers
can be nominated as legitimate asserting parties.
c. OpenID2.0 gives one what XRIs have to offer - above and beyond the
above benefits of URIs - packaged in a clever manner that makes their
handling rather similar to handling URI Identifiers.
The part of the good stuff that doesn't hold for me is (c), given (i)
and (ii) above. The parts of XRIs that are interesting (group entitlement,
for example) beyond URIs seem to be given short shrift by the policies
of (i) and (ii).
XRIs come with a certain "user-acceptance baggage", compared to URIs. If
we now deny XRIs those very properties that can distinguish them from
the limits faced by URIs, surely we are biasing XRI non-acceptance, given the
unlevel playing field they face when competing with the more
accepted, easier to use, URIs?
-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Recordon, David
Sent: Sunday, July 08, 2007 12:20 PM
To: Martin Atkins; general at openid.net
Subject: Re: [OpenID] Recycling OpenIDs (Was: What's broken in OpenID
2.0?(IIW session))
Realizing I'm jumping in late, though I'd have to agree with Mart here.
For a while I've felt strongly that the OpenID spec around discovery
should only describe what to do with = and @ i-names and recommend
use of the proxy resolver, then say that if an RP wants to accept
other forms of an XRI it needs to figure out how to do so on its own.
--David
-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Martin Atkins
Sent: Monday, June 11, 2007 4:21 AM
To: general at openid.net
Subject: Re: [OpenID] Recycling OpenIDs (Was: What's broken in OpenID
2.0? (IIW session))
Peter Williams wrote:
>
>> Only control of the unique inumber (which could
>> be based on Freenet DHTs as easily as on DNS) offers the
>> non-subvertible persistent identity desired by anyone seeking
>> complete freedom from authority.
>
> This is what I just cannot get my head around - on what the mainline
> OpenId community is actually doing! XRI can mean so many things,
> depending on the management model one applies to its generic framework.
> The above is one extreme, whose existence is important (if rarely
> actually leveraged) when seeking mass adoption.
>
I'm gravely concerned by several recent messages that have said things
along the lines of "Problem X is not a problem because XRI
infrastructure can *theoretically* do Y."
I can only get behind XRI being in the OpenID 2.0 spec if:
* A particular, interoperable protocol or set of protocols is called
out and described completely.
* The whole end-to-end resolution process mapping a defined set of
XRIs that are allowed when using OpenID to a particular XRDS document is
written down clearly somewhere in a manner that is suitable for OpenID
developers that have no interest in the rest of the XRI infrastructure.
* The implementation of the above does not place an excessive burden
on RP developers above and beyond what they have to include to support
HTTP URLs.
I was starting to warm to the idea of supporting i-names on the basis
that they are well defined, reasonably well-understood and they can be
supported with minimal burden through the use of a proxy resolver.
However, if that same mechanism cannot be applied to these
"peer-to-peer" XRIs or XRIs from alternative roots then I don't believe
that they can reasonably be included in the OpenID 2.0 specification.
OpenID developers should not have to jump through hoops to implement a
protocol that has little adoption thus far and has yet to prove itself.
(As usual, I'm speaking only for myself here.)
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general