<span class="gmail_quote">On 12/27/06, <b class="gmail_sendername">Drummond Reed</b> <<a href="mailto:drummond.reed@cordance.net">drummond.reed@cordance.net</a>> wrote:</span><br><div>> XRI infrastructure solves this problem by explicitly supporting
<br>> reassignable identifiers (i-names) and persistent identifiers<br>> (i-numbers) and permitting the resolution of any reassignable<br>> i-name to be mapped immedidately to a synonymous<br>> never-reassigned i-number which can be safely stored by an
<br>> OpenID Relying Party without exposing the identity owner to the<br>> risk of having their i-name "taken over".<br><br>The XRI Syntax specification says that a Persistent Identifier is "An identifier that is permanently assigned to a resource and
<span style="font-weight: bold;">intended</span> never to be reassigned to another resource." While it may well be the "intention" that such persistent identifiers are never to be reassigned, one must accept that an "identity owner" is, in fact, exposed to some "risk of having their i-name 'taken over'" in the case of unintended events. There is nothing technical which prevents the taking over of XRI persistent identifiers. The only thing that reduces risk here is people's and organization's willingness and ability to follow the rules. Such trust may well be reasonably held, but there remains an ineradicable risk of entities' failure to perform as intended... (Note: The previous comments should not be taken as a criticism of XRI. This 'risk' is an inevitable characteristic of this class of system and of this type of "solution".)
<br><br></div>bob wyman<br><br>