<HTML dir=ltr><HEAD></HEAD>
<BODY style="WORD-WRAP: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space">
<DIV id=idOWAReplyText85785 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>Someone is probably going to claim Im maligning their imputed intent in limiting programme scope to OpenID1, but its interesting to see the UK advanced academic communities spin on OpenID - limiting experiments to OpenID1, wiki and blogs. Its rather similar to Concordia in that respect - that only admits interaction with OpenID <FONT face=Arial size=2>in practice </FONT>to the likes of its wiki site (where there is no access control and little policy, by the nature of wiki collaboration).</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2><A href="http://www.jisc.ac.uk/whatwedo/programmes/programme_einfrastructure/reviewofopenid.aspx" target=_blank>http://www.jisc.ac.uk/whatwedo/programmes/programme_einfrastructure/reviewofopenid.aspx</FONT></A></DIV>
<DIV dir=ltr> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>I dont think the community here is marketing its XRI story well, at all. Its almost timid about it, from my vantage point. But at least the Cocordia wiki (a mediawiki) works well with the XRI resolver. It has all the means it needs now to get a statement of authority from the i-names infrastructure. How any naming authorities trust each other is now pertinent question. Are their mechanisms within the distributed resolution algorithm (like in X.500) or will i-services store cross-certificates linking naming contexts? Will i-services at load-balancers become caches of openid associations/sessions, like in some of the advanced TLS modes of operations?</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>I may have to break down and join OASIS, just to purchase the XRI specs.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>-----------</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>Given that the trust notion is very much tied to using the web and SSL certs as a giant name server, and given that XRIs are OpenIDs, and given XRI has very specific authority and authority-delegation models that will impact such URI patterns in the handlers addressing "naming realms", I'm not sure that its appropriate to say that OpenID (v2) has a "lightweight" trust model. Lightweight may have been true descriptor for OpenID1, I'd grant you that. But in OpenID2 + XRI, we have anything but lightweight. Don't we now have a full power authority-revolver (and name-revolver) infrastructure built into every conforming OpenID2 RP? One only has to look at the uses of wildcard XRIs in the XRDs from i-name servers accessed via YADIS (or HXRIs) to get a feel for what's going on, here.</FONT></DIV></DIV>
<DIV dir=ltr>
<DIV id=idOWAReplyText24024 dir=ltr>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV></DIV></DIV></BODY></HTML>