[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0? (IIW session))
Peter Williams
pwilliams at rapattoni.com
Mon Jun 11 06:51:29 UTC 2007
Only control of the unique inumber (which could
> be based on Freenet DHTs as easily as on DNS) offers the
> non-subvertible persistent identity desired by anyone seeking
> complete freedom from authority.
This is what I just cannot get my head around - on what the mainline
OpenId community is actually doing! XRI can mean so many things,
depending on the management model one applies to its generic framework.
The above is one extreme, whose existance is important (if rarely
actually leveraged) when seeking mass adoption.
For example,
"Trusted resolution - the XRI resolution protocol includes a trusted
version that uses SAML assertions."
http://en.wikipedia.org/wiki/XRI
When we say that OpenID (2.0) addresses XRI and XRDs, can I legitimately
make a community-endorsed implementation that uses the XRI resolution
protocol, and one that specifically leverages SAML.. and expect it to
interwork with lots of others?... and be in the mainstream OpenID
community?
OpenID's communities public stance is very confusing because its based
on the runaway success of OpenID 1.0 era http solutions, yet it promotes
OpenID 2.0 strongly.
But, does OpenID 2.0 mean the above interpretation of XRI standards? ...
Or, does OpenID specifically not mean the above, because it specifically
limits itself to leveraging just a part of the XRI work - perhaps
reusing a bit of XRI syntax for ids stuffed on the end of http URLs
which are then used in the traditional, http-based resolution and then
OP <-> OP Consumer interaction?
More information about the general
mailing list