[OpenID] OpenID 2.1 Identifier Types --> WAS [Discovery for Email like identifiers]
David Fuelling
sappenin at gmail.com
Thu Jun 4 21:09:52 UTC 2009
Peter (et al):
I'm open to discussing the "type" of identifier that OpenID 2.1 should
support. I rather agree with one of your (Peter's) previous posts that
OpenID should allow _any_ type of identifier. I would add the following
caveats to that support, as follows:
1. *ALL OpenID 2.1 Identifiers MUST be Resolvable to XRD*
Any OpenID Identifier MUST be able to be resolved to an XRD (with XRD
being the primary "discovery" mechanism supported by OpenID 2.1). Legacy
discovery mechanisms from OpenID 1.0, 1.1, and 2.0 should still be
supported, but would be restricted to URLs & XRIs (with EAUT possibly
filling in the gap for email addresses).
2. *Start With Only 3 Required Identifiers as a Baseline*
OpenID 2.1 should mandate that all OPs and RPs support URL, XRI, and
Email-like identifiers (only because these are the most common form of
identifier -- Peter, I personally don't see a lot of LDAP identifiers being
thrown around today on business cards, e.g.).
3. *Allow for Future Identifier Support as Decided by the Community*
An extension mechanism should be defined that allows the OIDF community
to endorse (via extension specifications) new OpenID 2.1 Identifiers. The
Jabber Foundation has done this sort of extensibility thing with decent
success (not necessarily with Identifiers, but in general). This Identifier
extensibility model would accomplish the following:
   1. It will preclude the need to actually _decide_ whether and which
   types of new identifiers to include in the 2.1 spec (email
   identifiers notwithstanding).
   2. It would allow the community to vote on each new particular
   identifier type on its own merits, preventing the "stall" of the 2.1 spec.
   3. It would ensure that OPs and RPs are only required to support a
   baseline of OpenID functionality, while at the same time leaving
   room for some new form of identifier that might take off in the future
   (Google Wave? Nah....Looks like that will still have an email address
   format for Identifiers).
4. *Some Other Requirement?*
Am I missing something?
On Thu, Jun 4, 2009 at 8:21 PM, Peter Williams <pwilliams at rapattoni.com> wrote:
> There is no open discovery protocol. There is simply use of 2 externally
> defined protocols (yadis and xri resolution).
>
> As it stands, openid auth spec constrains and canonicalizes the allowed
> inputs to those protocols, when used.
>
> Are you guys also proposing that an op might discover an rp realm xrd, from
> a rp identified in openid auth that is not either an http/s scheme url or an
> xri?
>
> Will it be mandatory for op to support webfinger, if the rp realm chooses
> to so identify itself?
>
> Why this one and not all the others such as gc and ldap? (apart from, it's
> in the news today)
>