[OpenID] ICANN - dotOpenID Has Found Its First Sponsor

Peter Williams pwilliams at rapattoni.com
Sat Sep 27 17:14:23 UTC 2008 

Snorri: dont get too excited about national adoptions of stuff.  Vienna is fully ENUM enabled, too. Helsinki has full SSO roaming between GSM carriers (its built into GSM key management standards!) that allows for phone banking.

Its a useful to measure openid focus tho - who ...with (intelligent not VC) money to invest ..thinks what! about OpenIDs "core infrastructure problems" - What is it that needs solving, at a business/board level that can vector OpenId into the "infrastructure" league, that lots of big capital companies can then own?

Is is the "means to deal with the 'scourge' of comment spam"? - OpenID future is all about reputation management

Is it the means to hold "blog commentators liable for their defamations"? - OpenID ensures only authenticated blog-comments are allowed in China ISPs ...and lots of dispute management services get sold

Is it the "UCI liberator that frees up social networks"? - OpenID forces Facebook to share the ball in the web2.0 playground, like it forced AOL to share IM buddies with MSN, Yahoo and jabber (urrr...)

Is it "the URL that will finally save RDF"? - OpenID saves Foaf and UI-based ontology-based mashups  (and authenticates SPARQL queries to SQLSERVER 2008, while its at it)

Is it now the savior of DNSSEC ? - ie. OpenID gets the Assurance Liberty says is missing - by relying on an external (non XRI) trust fabric (Nate's main point). Hmm!

Is it an ICANN marketing ploy to decouple secure naming from SSL certs in favor of DNS and IPv6?  - Attack VeriSign's ultimate source of leverage in the .com name registration market (since SSL/certs do the same as DNSSEC, practically)? Who on Earth would have ICANN to do that!!?And, Why!?

Lots to think about.

________________________________________
From: general-bounces at openid.net [general-bounces at openid.net] On Behalf Of Snorri [snorri at snorri.eu]
Sent: Saturday, September 27, 2008 9:43 AM
To: 'Martin Atkins'; 'Hans Granqvist'
Cc: 'Zdravko Stoychev'; board at openid.net; general at openid.net
Subject: Re: [OpenID] ICANN - dotOpenID Has Found Its First Sponsor

I agree!

About DNSSEC, e.g.: I believe that the Swedish NIC http://www.iis.se/ (also
in Bulgaria: ".bg") already use and sign with DNSSEC for their ccTLDs
domains...

-Snorri

-----Message d'origine-----
De : Martin Atkins [mailto:mart at degeneration.co.uk]
Envoyé : samedi 27 septembre 2008 10:55
À : Hans Granqvist
Cc : Snorri; board at openid.net; general at openid.net
Objet : Re: [OpenID] ICANN - dotOpenID Has Found Its First Sponsor

Hans Granqvist wrote:
> Wrong end of the URL!
>
> A big problem with OpenID is that it uses ugly URLs as identifiers.
> That they start with "http://" and have dots. It's not what TLD they
> end with that is a problem.
>
Much like when URLs are published in the press, the http:// prefix and
the single-slash path component can be omitted when displaying these
URLs to users. I wish more RPs would do this.

As for it being a problem that the identifiers contain dots... that's
clearly a subjective issue!
> Anyway, compared to say, ".com", how will creating ".openid" help
> improve anything? Looks like a misspelling of "opened". "myid"
> isn't much better.
>
>

One thing that amuses me about this proposal is that putting everything
OpenID in one DNS domain would make it look a lot like the first version
of Sxip where the IdPs where subdomains of sxip.com (or something like
that; it's been a while.)

I know that's not exactly what's being proposed here, but it did make me
chuckle from a "what's old is new again" perspective.

One thing I would be interested to know is whether having a new
top-level domain for identifiers would make it possible to use different
rules inside that domain such as requiring DNSSEC. It's become clear
that getting DNSSEC deployed right at the root and in the existing TLDs
is not happening soon, but perhaps it can be used under a new TLD if RPs
support it. I confess to not knowing a great deal about DNSSEC, but it
seems to me that in order for it to be worth having a new TLD
*something* has to be different to the existing free-for-all domains.
Addressing the concern that OpenID depends on DNS and DNS is insecure
would be a useful goal.



_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

More information about the general mailing list