<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">What about you charter EAUT as a proper OpenID workgroup, and then we talk? ;-)<div><br></div><div>I really don't understand why it is not if you are serious about going in that direction ...</div><div><br></div><div><br><div><br><div><div>On Oct 14, 2008, at 20:49 , Chris Messina wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr">Can I take a poll? With all this talk about email address mapping/translation -- I'm curious -- how many of you have actually read the EAUT (email address to URL translation) spec?<div><br></div><div><a href="http://eaut.org/specs/1.0/">http://eaut.org/specs/1.0/</a></div> <div><br></div><div>It seems like much of this conversation (the productive bits) could be had on the EAUT list [1], in order to move things forward and get the spec in a form that could be taken into an OpenID Extension, which could then pave the way for 1) establishing extension creation protocol and 2) make the spec ready for wider deployment/adoption.<br> <br></div><div>Not that all this talk of DNS and XRI isn't compelling, but I was hoping that we might get a solution in place before I turn 40.</div><div><br></div><div>Chris</div><div><br></div><div>P.S. I was born in 1981.</div> <div><br></div><div>[1] <a href="http://groups.google.com/group/eaut">http://groups.google.com/group/eaut</a></div><div><br><div class="gmail_quote">On Tue, Oct 14, 2008 at 8:32 PM, Brandon Ramirez <span dir="ltr"><<a href="mailto:brandon.s.ramirez@gmail.com">brandon.s.ramirez@gmail.com</a>></span> wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div dir="ltr">It's more than just request -> response. It's also an intriguing model for information resolution, where the trust is centralized, but then delegated out.<br> <br>Why shouldn't it be used for identity resolution as well? An identity (even more so from a computer's perspective) is merely a small set of data with a chain of trust - just like most DNS lookups.<div><div></div> <div class="Wj3C7c"><br> <br><div class="gmail_quote">On Tue, Oct 14, 2008 at 10:45 PM, Martin Atkins <span dir="ltr"><<a href="mailto:mart@degeneration.co.uk" target="_blank">mart@degeneration.co.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left:1px solid rgb(204, 204, 204);margin:0pt 0pt 0pt 0.8ex;padding-left:1ex"> <div>SitG Admin wrote:<br> ><br> >> Putting it in DNS doesn't change the user-centricness, it just changes<br> >> the means of publication.<br> ><br> > I disagree here; to use military terminology here (as learned from<br> > analyses of Trusted Computing) for a moment, your DNS server is not a<br> > Trusted party for your personal information! IT does not have access to<br> > your personal information; YOU do. If a spammer (or stalker) wants to<br> > learn where you live (so they have a physical address for snailmail spam<br> > or home invasion), they cannot simply ask the DNS server where you live,<br> > because the DNS server does not possess that information - they MUST<br> > contact you, the user, directly, and in the process of making that<br> > request they not only make you (the user) aware of it, but provoke the<br> > distinct possibility that you will simply refuse to tell them!<br> ><br> > Your reply also suggested, though, that this level of control *can* be<br> > present in DNS, which intrigues me :)<br> ><br> <br> </div>I was not suggesting that you should put your physical address or<br> telephone number in DNS, just that you can publish in DNS information<br> about how that information might be obtained, much as you publish on<br> your web site how that information might be obtained.<br> <br> I'd also like to point out that HTTP URLs are themselves dependent on<br> DNS. All you gain by publishing this information over HTTP rather than<br> DNS is a couple more layers of indirection. I can't control my identity<br> page on MyOpenID any more than I can control the contents of the<br> <a href="http://myopenid.com" target="_blank">myopenid.com</a> DNS zone.<br> <br> Additionally, since DNS is a request->response protocol just like HTTP,<br> there's no technical reason why you can't log requests and refuse to<br> talk to certain clients if you wish. The domain name system is not magic.<br> <div><div></div><div><br> <br> _______________________________________________<br> general mailing list<br> <a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br> </div></div></blockquote></div><br></div></div></div> <br>_______________________________________________<br> general mailing list<br> <a href="mailto:general@openid.net">general@openid.net</a><br> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br> <br></blockquote></div><br><br clear="all"><br>-- <br>Chris Messina<br>Citizen-Participant &<br> Open Technology Advocate-at-Large<br><a href="http://factoryjoe.com">factoryjoe.com</a> # <a href="http://diso-project.org">diso-project.org</a><br> <a href="http://citizenagency.com">citizenagency.com</a> # <a href="http://vidoop.com">vidoop.com</a><br>This email is: [ ] bloggable [X] ask first [ ] private<br> </div></div> _______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net">general@openid.net</a><br>http://openid.net/mailman/listinfo/general<br></blockquote></div><br></div></div></body></html>