[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0? (IIW session))
Martin Atkins
mart at degeneration.co.uk
Sat May 12 09:03:59 UTC 2007
Drummond Reed wrote:
> I’m late in joining this thread, but I would be remiss if I didn’t point
> out this is one of the advantages of using an XRI as an OpenID. See the
> point about persistent identifiers at:
>
> http://dev.inames.net/wiki/XRI_and_OpenID
>
> Having infrastructure automatically map reassignable identifiers to
> persistent identifiers really starts to make sense when that identifier
> represents the keys to the kingdom. I suspect relatively few OpenID
> folks appreciate that this is the purpose of the CanonicalID element in
> an XRDS document. See the example below (my own XRDS):
>
>
Just grabbing something I wrote in another branch of this discussion:
A) Identifiers for authentication. This is to do with preventing a
subsequent identifier owner from accessing data created by prior owners.
B) Identifiers for identification. This is to do with figuring out who
actually did something given only an OpenID identifier as attribution.
As you correctly point out, XRI solves A by having a "canonical id".
However, unless I'm mistaken it doesn't solve B.
That's not to say I don't believe solving A alone is valuable, though. I
still think that finding a way to adapt XRI synonyms to provide similar
functionality for HTTP URLs is worthwhile, though of course due to the
nature of the beast it would necessarily tie the user to whatever entity
provides the canonical URL.
More information about the general
mailing list