[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0? (IIW session))

rajeev kreaper at gmail.com
Mon May 14 01:59:59 UTC 2007


Martin Atkins <mart <at> degeneration.co.uk> writes:

> 
>    A) Identifiers for authentication. This is to do with preventing a
> subsequent identifier owner from accessing data created by prior owners.
> 
>    B) Identifiers for identification. This is to do with figuring out who
> actually did something given only an OpenID identifier as attribution.
> 
> As you correctly point out, XRI solves A by having a "canonical id". 
> However, unless I'm mistaken it doesn't solve B.
> 
> That's not to say I don't believe solving A alone is valuable, though. I 
> still think that finding a way to adapt XRI synonyms to provide similar 
> functionality for HTTP URLs is worthwhile, though of course due to the 
> nature of the beast it would necessarily tie the user to whatever entity 
> provides the canonical URL.
> 

I have been following the XRI and OpenID technologies with much interest and
I have never felt caught up enough to actually post anything. But reading 
this thread, I felt the urge to respond:

It appears to me that in this problem aspect, we have a workable framework in
XRI that we should build upon. Am I misunderstanding when I say that it
appears that we are trying very hard not to admit that XRI has something to
offer here and re-invent the wheel?

a) Identifiers for authentication: you have an i-number that never changes.
Authentication should/is done using that i-number so there is no case of
mistaken identity.

b) Identifiers for identification: the canonical id for an i-number is an 
i-name. 

   - PersonA signs up for an i-name called =persona. In the background,
Person A was actually given an i-number which is permanent
           
       =persona -> =!1000.a1b2.93d2.8c73
         
   - I sign up to flickr and have some objectionable content there

   - 2 years later, PersonA gets a new i-name after marriage/whatever and
wants a new i-name to show off. From what I understand, one can get a new
i-name and still map it to one's own unique i-number.
 
   PersonA's new i-name is =PersonMarriedName

   Still, =PersonMarriedName -> =!1000.a1b2.93d2.8c73

   The original i-name (=persona) is recycled and is tied to a new i-number.


Call me a newbie and explain what I am missing here?
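
The recycling scenario from the message above, as an added example that is not part of the original post: a toy registry and relying party compare keying stored accounts on the i-name with keying them on the i-number. The `Registry`, `RelyingParty` and `scenario` names and the second i-number are constructed for illustration; this is not a real XRI resolver API.

```python
# Constructed model of i-name -> i-number resolution; not a real XRI resolver API.
from dataclasses import dataclass, field


@dataclass
class Registry:
    """Toy registry: each i-name maps to the i-number it currently resolves to."""
    names: dict = field(default_factory=dict)

    def assign(self, iname, inumber):
        self.names[iname] = inumber

    def resolve(self, iname):
        return self.names[iname]


@dataclass
class RelyingParty:
    """Site holding user data; key_on selects which identifier owns an account."""
    registry: Registry
    key_on: str  # "iname" (recyclable) or "inumber" (persistent)
    accounts: dict = field(default_factory=dict)

    def login(self, iname):
        # Return the data store of whoever this login is treated as.
        key = iname if self.key_on == "iname" else self.registry.resolve(iname)
        return self.accounts.setdefault(key, [])


def scenario(key_on):
    reg = Registry()
    rp = RelyingParty(reg, key_on)
    person_a = "=!1000.a1b2.93d2.8c73"   # i-number quoted in the post
    newcomer = "=!1000.ffff.0000.0001"   # constructed placeholder i-number
    reg.assign("=persona", person_a)
    rp.login("=persona").append("PersonA's photos")
    # Two years later: PersonA takes a new i-name and the old one is recycled.
    reg.assign("=PersonMarriedName", person_a)
    reg.assign("=persona", newcomer)
    return {
        "newcomer_sees": list(rp.login("=persona")),
        "person_a_sees": list(rp.login("=PersonMarriedName")),
    }


if __name__ == "__main__":
    for mode in ("iname", "inumber"):
        print(mode, scenario(mode))
```

Keyed on the i-name, the new holder of =persona inherits PersonA's data and PersonA loses it under the new name; keyed on the i-number, the data follows PersonA.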







