[OpenID] HTML-Based Discovery incompatibilities

[Peter Williams]

That was the idea motivating the creation of XRI iBrokers to that hosted users XRDS file and openID authentication service.
The idea was to provide those high level interfaces for users to configure and manage their identities.

[Peter Williams]

This is how I saw XRI at the outset - the place where you configure your vanity openids, orchestrated redirects (which worked once f or me), and configured formal delegation after importing an OP's metadata to the XRI wizard ( which I never made work)

The trouble is I'm not sure whether or not the i-broker is or is not supposed to have "control" over that discovery act. How redundant is it? Is the idea I register for 10 XRIs (all at different ibrokers)?

With URLs, I simple post my XRDS at any one of 10 locations (all the accounts of my friends, which I do for them in turn), and unless there is a massive conspiracy between the 10 hosting sites, revocation of my Google hosting account say will have minimal impact on my ability to talk to my RP accounts. I have redundant OPs, redundant discovery points, and no central portal or DNS/XRI authority can impact my connection to the RPs where I have accounts.

What this buys me is ...when (not if) someone  or other merely makes a damaging reputation assertion and complaint about my conduct to Google OP... who will promptly suspend or dump me with little or no recourse... there is really no impact on me from a mere assertion. I know Google (or any large portal) won't protect me, over the "community" they serve. The complainant only has to threaten Google with DCMA (with or without merit) to induce an impact on me. And until openid came along in the identity stakes, I was left 100% powerless in the websso space.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090108/69ae7221/attachment-0002.htm>