Hi Nate & Shade,<br><br>Delegation feature is good, but it helps an end user
only to some extent. <br><br>Let me elaborate why I'm saying "only to some
extent". Though OpenID today is solving the need for multiple usernames across
different websites, an obvious extensions of this model is to even include other
information that is typically spread across multiple websites.. like personal
details, professional details, email ids, IM/skype id, etc etc.. This is pretty
obvious from the feature requests page hosted at <a href="http://wiki.openid.net/WishList#Feature_requests.3F">http://wiki.openid.net/WishList#Feature_requests.3F</a>. When
such features get included, may be we should call it as "OpenProfile" ( as it
contains more details than just ID :) ). <br><br>Now assuming OpenID has these
too in its roadmap, whats does it mean to end user when he switches from one OP
to another (say using the delagation feature) ? He looses all the details that
he has been maintaining at the earlier OP. This is undesirable.<br><br>I believe
that "digital identity" problem should have been solved in this
fashion:<br> 1. Let there be some central digitalID server
to issue a digital identity, which is not attached to any URL (say I go this
server, register myself & ask for a digital identity "babu_n"). And in this
same server, I would also associate my digital identity with "OP
details".<br> 2. I would select an OP & register with
OP. Provide my digital id here & associate my digital ID with "my details"
(like password, personal/profession details, etc etc..). It should be mandated
how OPs should store "my details".<br> 3. I go to some
OpenID enabled website & provide my id as "babu_n". Here the OpenID enabled
website now contacts the "central digitalID server" & gets the OP details of
the user (here "babu_n"). After that it allows the user to get authenticated via
OP.<br><br>Instead of a single cetral digitalID server, we may opt for multipe
digitalID servers for high availability or performance reasons (just like the
DNS servers we have today).<br><br>It should be mandated that OPs store user
details in some standard format. And when user likes to migrate, the OP should
let these details be exported. The details exported this way may be used by the
user in importing at his new OP.<br><br>This way, it makes it easier for a user
to start with some OP & then decide whether to continue with the same OP or
switch. <br><br>Please let me know your thoughts.
<br><br><br>Thanks,<br>Babu<br><br><br><br><div class="gmail_quote">On Fri, May 30, 2008 at 8:32 PM, Nate Klingenstein <<a href="mailto:ndk@internet2.edu">ndk@internet2.edu</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div style="">
Babu,<div><br></div><div>The short answer: "yes, but." It is possible to address this use case with delegation. It's a good feature but may be too advanced for some users. It's certainly not standard practice. This Wiki article might help:</div>
<div><br></div><div><a href="http://wiki.openid.net/Delegation" target="_blank">http://wiki.openid.net/Delegation</a></div><div><br></div><div>Remember that this needs to be part of the initial setup. This is because once the RP has cached an identifier associated with an account, it's difficult to reconfigure that link. That OpenID is your login. How do you prove that a different OpenID is the correct new identifier? Unless your old, unloved provider is willing to help, manual reconciliation is the only way, in many cases, and that's a really expensive and difficult process.</div>
<div><br></div><div>Take care,</div><div>Nate.</div><div class="Ih2E3d"><div><br><div><div>On 30 May 2008, at 13:52, Babu.N wrote:</div><br><blockquote type="cite"><p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">Hi,</font></p>
<p style="margin: 0px; font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; min-height: 14px;"><br></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">As I understand, OpenID allows a digital identity to be created at an<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">OP & let this be used at multiple sites. After creating the digital<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">identify & using it some websites, suppose the doesn't like the OP<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">for service reasons (say frequent downtime, prone to compromises<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">etc). Does OpenID technology allow the user to migrate from this OP<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">to another, yet retaining the same identity (remember this is already<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">used by him in registering at some websites..) ? If not, should this<span> </span></font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">not be supported going forward ?</font></p>
<p style="margin: 0px; font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; min-height: 14px;"><br></p>
<p style="margin: 0px; font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; min-height: 14px;"><br></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">Thanks,</font></p>
<p style="margin: 0px;"><font style="font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal;" face="Helvetica" size="3">Babu</font></p>
</blockquote></div><br></div></div></div></blockquote></div><br>