[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0? (IIW session))
rajeev
kreaper at gmail.com
Mon May 14 01:59:59 UTC 2007
Martin Atkins <mart <at> degeneration.co.uk> writes:
>
> A) Identifiers for authentication. This is to do with preventing a
> subsequent identifier owner from accessing data created by prior owners.
>
> B) Identifiers for identification. This is to do with figuring out who
> actually did something given only an OpenID identifier as attribution.
>
> As you correctly point out, XRI solves A by having a "canonical id".
> However, unless I'm mistaken it doesn't solve B.
>
> That's not to say I don't believe solving A alone is valuable, though. I
> still think that finding a way to adapt XRI synonyms to provide similar
> functionality for HTTP URLs is worthwhile, though of course due to the
> nature of the beast it would necessarily tie the user to whatever entity
> provides the canonical URL.
>
I have been following the XRI and OpenID technologies with much interest and
I have never felt caught up enough to actually post anything. But reading
this thread, I felt the urge to respond:
It appears to me that in this problem aspect, we have a workable framework in
XRI that we should build upon. Am I misunderstanding when I say that it
appears that we are trying very hard not to admit that XRI has something to
offer here and re-invent the wheel ?
a) Identifiers for authentication: you have an i-number that never changes.
Authentication should/is does using that i-number so there is no case of
mistaken identity.
b) Identifiers for identification: the canonical id for an i-number is an
i-name.
- PersonA signs up for an i-name called =persona. In the background,
Person A was actually given an i-number which is permanent
=persona -> =!1000.a1b2.93d2.8c73
- I sign up to flickr and have some objectionable content there
- 2 years later, PersonA gets a new i-name after marriage/whatever and
wants a new i-name to show off. From what I understand, one can get a new
i-name and still map it to one's own unique i-number.
PersonA's new i-name is =PersonMarriedName
Still, =PersonMarriedName -> =!1000.a1b2.93d2.8c73
The original i-name (=persona) is recycled and is tied to a new i-number.
Call me a newbie and explain what I am missing here ?
More information about the general
mailing list