[OpenID] Case for a unified scheme for OpenID "oid:"

Sat Nov 28 16:15:34 UTC 2009

Hi John,
Thanks for the links. I am beginning to see how difficult it is going to be
to get this passed W3C.

I was actually looking at the list of official IANA registered schemes here.
(I hope this list is accurate).
http://en.wikipedia.org/wiki/URI_scheme

<http://en.wikipedia.org/wiki/URI_scheme>And i was thinking we had a better
case than many of the registered scheme's here. Here is the case we could
make.

1) OpenID would like to support more schemes than the http scheme alone.
However this would be impractical because it would only increase in
complexity with each scheme supported in future.
2) Instead OpenID would register its own scheme, with a syntax that would
allow for a limited scheme specific possibilities, that represents a large
majority of identities used around the world today.
3) There is no IANA registered scheme representing "identities". OpenID
being the premier identity service protocol would like to be the first to
register a scheme specific to identities.

It might be well worth to send a preliminary email to the concerned people
on this regard and let us see what they have to say.

Thanks
Santosh

On Sat, Nov 28, 2009 at 8:55 PM, John Bradley <ve7jtb at ve7jtb.com> wrote:

> Hi Santosh,
>
> The W3C has set the bar very high on registering new URI schemes.
> http://www.w3.org/2001/tag/doc/URNsAndRegistries-50.xml
> http://www.w3.org/2001/tag/issues#httpRange-14
>
> Any new scheme that is approved will need to show significant benefit that
> cannot be accomplished with existing schemes and specifically http:
>
> The XRI TC ran up against this with XRI and the proposed xri: scheme.
>
> I suspect that it would be argued that the discovery process for openID
> should deal with multiple identifiers or that all identifiers can be named
> with http: URI.
>
> The Web-Finger people are taking a run at the issue with a proposed acct:
> scheme.
> I suspect that it will not become an official scheme though.
>
> The XRI TC in consultation with the W3C agreed to rework the XRI identifier
> as a relative URI rather than creating a new scheme.
>
> I think I understand what you are trying to do.  I won't comment on the
> details of your proposal because I think there are larger issues that need
> to be overcome for something like this to be accepted.
>
> I recommend reading the above references,  and perhaps some of my dialog
> with the TAG on there mailing list, for background.
>
> Regards
> John B.
> On 2009-11-28, at 11:49 AM, Santosh Rajan wrote:
>
> I have been thinking of OpenID's representing a universal set of identities
> for months now. Given that we all agree that identities must be URI's, there
> is one solution to the problem we can consider for OpenID v.next.
>
> One of the problems with OpenID's is that it only supports a subset of all
> URI's, the "http" scheme. One of the solutions is to allow OpenID to support
> more URI schemes. But then I realized this would only let the cat among the
> pigeons. We could not allow an infinite no of schemes that come up in the
> future asking for OpenID support.
>
> Instead I have come to the conclusion that the best solution for OpenID is
> to register its own scheme. I will explain the suggested scheme with the
> following example.
>
> 1) oid:example.com/joe
> 2) oid:joe @ example.com
> 3) oid:example.com:1234567890
>
> And here is the URI syntax for the 3 examples above
>
> 1) oid:<host>[/[[path]][#fragment]
> 2) oid: <username>@<host>
> 3) oid: <host>:<id-string>
>
> (1) and (2) are self evident. (1) is the http URI. (2) supports the email
> like identifier. (3) requires more explanation. People are used to "id's",
> which may be an id issued by a govt or bank or any organization that has
> members. A lot of people already have access to this id which they are
> already using online. It may be a national identity no, or a company
> username or whatever. By supporting option (3) we allow those organizations
> who want to support OpenID to continue to allow their users to use the same
> id's they are used to. (Of course i have stretched (3) a bit to include govt
> and banks which is far fetched now considering the security implication, but
> lets assume we will be able to solve those problems).
>
> Please feel free to comment on this idea which ever way you like.
>
> --
> http://hi.im/santosh
>
>
>  _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
>
>
>

-- 
http://hi.im/santosh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091128/5de89eea/attachment.htm>