[OpenID] Comment on new Draft host-meta
SitG Admin
sysadmin at shadowsinthegarden.com
Fri Oct 30 06:21:00 UTC 2009
Peter, have you read Zooko's "pick any two" Triangle paper?
http://www.erights.org/elib/capability/pnml.html
Perhaps reframing the change in this light will help us see what we lose?
-Shade
>In this question of "openid upgrade" (not that there is an openid Foundation
>WG with any such question to decide) DNS control constructs appear to rear
>their ugly head. In this, the handling of openid identifiers may be tied to
>"scheme mapping controls" (which is not the ugly part). Given the
>introduction of DNS security controls into the handling of identifiers
>(something not present in openid1 or openid2), this seems to bring with it an
>inherited governance structure (based on "scheme authorities" that are now
>being tied to DNS registration entities, and DNS's own internal governance
>mechanisms). This topic is obviously relevant to the mission of the openid
>(de-centralized, user centric) etc - a mission that MAY be changing on us as
>we speak, given the introduction into the equation of a role for DNS
>[governance] that did not exist before.
>
>In general, the notion of a need for TTP services engaged in "scheme
>mapping" seems to be an application of synonym handling - so openid3
>(particularly under Google's leadership) can migrate to user-friendly email
>addresses in the UI (which map onto http URIs under the hood, upon "scheme
>mapping"). However, that mapping needs to be "authoritative". In this way,
>consumers get what they will consume (email addresses), but one stays
>compatible with the semweb technically (based on http URIs). Jurisdictional
>issues about who controls what schemes in which authority spaces... seem
>tied up with DNS issues, and address the authoritativeness questions. The
>purposes of trusted XRD (signed XRDs with subjects) appear orthogonal to
>this core authoritativeness issue set.
>
>-------
>
>What DARPA are up to in projecting US-centric controls via DNS needs
>monitoring (as always). But, none of it sounds particularly evil. In fact,
>it sounds a quite exciting upgrade path - even if I have only got it 30%
>right.