Good point, George. I held back on bringing that up because once we have what you're suggesting, we've re-invented InfoCard. :) But InfoCard, even where the cards are hosted in the cloud, already exist so if we retooled OpenID to do this we wouldn't really have contributed anything to the world. :)<br clear="all">
--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Fri, Jun 5, 2009 at 10:38 AM, George Fletcher <span dir="ltr"><<a href="mailto:gffletch@aol.com">gffletch@aol.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Assuming I understood correctly...<br>
<br>
The initial privacy question that comes to mind with this is whether the public key will become it's own globally correlatable identifier. This doesn't really matter for OpenIDs where the user enters a "claimed identifier". But for the "directed identity" flow, if the XRD associated with the returned "opaque" identifier contains the same public key as the user's XRD for their "global/know" "claimed identifier", then the public key has enabled correlation across identifiers that weren't supposed to be correlatable.<br>
<br>
Now, if each opaque "direct identity" identifier has it's own public key, we're fine from a privacy perspective, but this is rather ugly to deploy.<br>
<br>
Thanks,<br>
George<br>
<br>
Andrew Arnott wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><div></div><div class="h5">
I haven't read the XRD spec draft, so I don't know how well this would fit in, but I wonder...<br>
<br>
Could we put a public key in an XRD file, and have the authentication process be that the OP proves it has the private key, and then the public key is the claimed identifier? If we could pull this off we'd totally solve the problem of being able to change the URI or XRI identifier while still maintaining the user account at each RP; and similarly we could abandon a URL without fear of someone else picking it up and stealing the old user's identity.<br>
<br>
Basically, have many of the same benefits of XRIs today, except without the annual fee of owning a top-level i-name, and without being locked down to one XRI service. For example I have a few i-names, each with their own i-number, but these numbers aren't really portable. AFAIK I can't abandon all my i-names, then acquire all new i-names with different services and different numbers of * characters in them, and then hook up my old i-numbers and expect it all to work.<br>
<br>
Is this way off base, or a possibility?<br>
<br>
--<br>
Andrew Arnott<br>
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br></div></div>
------------------------------------------------------------------------<div class="im"><br>
<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
<br>
</div></blockquote>
<br>
</blockquote></div><br>