[OpenID] help needed on walled garden XRI server

[Peter Williams]

I may have the terms not quite right, but I think we want to run without our private network a standalone, "freeid server", provisioning and resolving XRIs. Much like an ldap client can point to active directory and can only resolve those names in the domain to which the ldap server is authoritative (despite the domain being part of a wider federation of domains and trusts), so I want xri resolution to only resolve for its nonpublic/local "community" root. That is: it need not (and I dont want) it to connect to, be governed by, or resolve for the i-names/number public system.

To support the openid mission in general, what we want to do is run an XRI name server, of the above type. As each new google/yahoo style identifier is released to us as RP, we want to create a (walled garden) community child, whose user authority has a forwarding i-service that locates that very same google/yahoo pseudonymous URL. As each such URL from different OPs map onto a given RP-provisioned number - a local id which ideally would be XRI canonical-id rather than a GUID -  we would provision a new XRI with XRI refs - identifying itself as synonym to all its peers

is there a way to do this?

if this was active directory DC, there would be a rid server that hands out blocks of unique local-identfiers, so multi-mastering and renaming all works. Without joining the i-services world, formally, is there a way to run a XRI name server now, autonomously and in walled garden mode, that COULD (one day) join up with other naming regions...to participate in public resolution?