[OpenID] Using HTTPS Openid Providers

[Peter Williams]

I think I'm ready to circle all the way back now to XDI.

In 1995, the editor of the ISO working group (bound by a million ISO
rules on process) took the unusual step of publishing his personal
editing drafts of long-evolving X.509 specification on the web (before
they went formally into any committee process).

He made a bold decision. About the only part of ISO work of telematic
systems that had any bearing on today's actual web culture (PKI used in
https) was from that document.

See if you can play similar games within OASIS process - and "release"
yet don't technically "publish" so-called "pre-draft" material on XDI -
particularly as it relates to RDF.


> Peter, I assume you mean the XDI.org XRI proxy resolver (that operates
> at
> xri.net). Yes, one of the advantages of XRI resolution architecture,
> because
> it layers over IP/DNS-based URI architecture, is that you can secure
an
> XRI
> proxy, or any XRI registry (no matter how many identifiers it servers)
> with
> a single SSL cert. That's why the OpenID Authentication 2.0 spec
> mandates
> HTTPS for resolving all XRI =names/numbers and @names/numbers.
> 
> =Drummond (http://xri.net/=drummond.reed)