<HTML dir=ltr><HEAD><TITLE>Re: [OpenID] OpenID Description?</TITLE></HEAD>
<BODY>
<DIV id=idOWAReplyText51976 dir=ltr>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2>The Reed et al. paper argues that discovery is key. And who can argue with that! (NSA semantic joke!) It's a pretty convincing statement of current activity, c2008. The main flaw in the paper is its failure to recognize its forebears: X.500 name resolution. That flaw raises particular questions about the truth of the argument's claims, since X.500 was only a codification of other research-grade secure name server schemes, by ISO, long long long ago. Its most significant fact, for me, was to clarify that Higgins is really all about OWL and RDF, and a meta-directory schema that assumes RDF-capable UAs. Its most significant revelation was that an XRD could contain a signed assertion (formatted using a SAML blob) that an RP may use to _control_ the later stages of name/key/canonicalID resolution.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial size=2>I could not deduce the final message of the Fletcher slide show. If I have not said it in a while, remember that I'm not that bright/intelligent... so don't worry. Some of its Microsoft references were worrying.</FONT></DIV>
<DIV dir=ltr><FONT face=Arial size=2></FONT> </DIV>
<DIV dir=ltr><FONT face=Arial color=#000000 size=2><SPAN style="FONT-SIZE: 7.5pt">_________________________<BR></SPAN><B>Peter Williams<BR></B></FONT></DIV></DIV>
<DIV dir=ltr><BR>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Drummond Reed<BR><B>Sent:</B> Thu 4/17/2008 12:01 PM<BR><B>To:</B> Stephen Edgar; openid-general List<BR><B>Subject:</B> Re: [OpenID] OpenID Description?<BR></FONT><BR></DIV>
<DIV>
<P><FONT size=2>Stephen,<BR><BR>Unfortunately, as much as you would expect <A href="http://openid.org/" target=_blank>http://openid.org/</A> to represent<BR>the OpenID Foundation, it does not (the owners said they wanted to donate<BR>the domain to the OpenID Foundation but they did not). The official OpenID<BR>Foundation site is at <A href="http://openid.net/" target=_blank>http://openid.net/</A>. I'm sincerely hoping that the<BR>information you find there is not "sales blarney".<BR><BR>Second, the fourth assumption on your bullet list below - "the intention<BR>that each person have only one id" - is definitely not true. A key feature<BR>of OpenID 2.0 is widely referred to as "directed identity" after Kim<BR>Cameron's Fourth Law of Identity<BR>(<A href="http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf" target=_blank>http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf</A>). This<BR>feature allows a user to log in to a relying party (RP) with the identifier<BR>of their OpenID Provider (OP) rather than their own identifier, and for the<BR>OP to generate a pairwise unique OpenID identifier for the user at that<BR>particular RP.<BR><BR>If you want a deeper analysis of that feature, plus other privacy-related<BR>features of OpenID, one reference is a paper on OpenID discovery I gave last<BR>month at the IDtrust Symposium:<BR><BR><A href="http://middleware.internet2.edu/idtrust/2008/papers/01-reed-openid-xri-xrds.pdf" target=_blank>http://middleware.internet2.edu/idtrust/2008/papers/01-reed-openid-xri-xrds.pdf</A><BR><BR>George Fletcher of AOL also gave another OpenID paper there:<BR><BR><A href="http://middleware.internet2.edu/idtrust/2008/slides/11-fletcher-openid.pdf" target=_blank>http://middleware.internet2.edu/idtrust/2008/slides/11-fletcher-openid.pdf</A><BR><BR>Hope this helps,<BR><BR>=Drummond<BR><BR>> -----Original Message-----<BR>> From: general-bounces@openid.net [<A href="mailto:general-bounces@openid.net" 
target=_blank>mailto:general-bounces@openid.net</A>] On<BR>> Behalf Of Stephen Edgar<BR>> Sent: Thursday, April 17, 2008 2:38 AM<BR>> To: openid-general List<BR>> Subject: [OpenID] OpenID Description?<BR>><BR>> Hi OpenID List!<BR>><BR>> This is my first post to the list and I am not bad myself on understanding<BR>> OpenID and some implementations on the tech front though I received via<BR>> another mail list the following and was hoping someone could point me to<BR>> some articles/links to address the following:-<BR>><BR>> <snip><BR>> Can anyone point to an accessible description of OpenID?<BR>><BR>> Like a lot of open source, the sites and the documentation are very<BR>> much by-geeks/for-geeks.<BR>><BR>> I suspect that it's just a latter-day MS Passport, but with:<BR>> - open specs<BR>> - more adopters (among corporations, if not among people)<BR>> - the scope for stronger linkage between the id and the entity<BR>> - the intention that each person have only one id<BR>><BR>> But I'd welcome any leads to a description or analysis somewhere<BR>> between the sales blarney at: <A href="http://www.openid.org/" target=_blank>http://www.openid.org/</A><BR>> and the highly segmented and detailed (and of course necessary)<BR>> tech-speak at: <A href="http://openid.net/developers/specs/" target=_blank>http://openid.net/developers/specs/</A><BR>><BR>> Thanks!<BR>><BR>> Roger Clarke <A href="http://www.anu.edu.au/people/Roger.Clarke/" target=_blank>http://www.anu.edu.au/people/Roger.Clarke/</A><BR>> Visiting Professor in Info Science & Eng Australian National University<BR>> Visiting Professor in the eCommerce Program University of Hong Kong<BR>> Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW<BR>> </snip><BR>><BR>><BR>> Regards,<BR>><BR>> Stephen Edgar<BR>> Stephen@netweb.com.au<BR>><BR>> _______________________________________________<BR>> general mailing list<BR>> general@openid.net<BR>> <A href="http://openid.net/mailman/listinfo/general" 
target=_blank>http://openid.net/mailman/listinfo/general</A><BR></FONT></P></DIV></BODY></HTML>