Do We Agree on the Problem We're Trying to Solve?
David Fuelling
sappenin at gmail.com
Sat Jun 9 00:00:55 UTC 2007
Assuming I understand things correctly, it seems like what we're calling a
canonical URL in this thread is really a pseudo-canonical URL since a given
OpenID's XRDS doc is what specifies the Canonical ID.
If in 50 years, a given canonical URL domain goes away, then couldn't a
given OpenId URL owner simply specify a new Canonical URL in his XRDS doc?
If so, then It seems like there's almost a (in a good way) circular
reference going on, since at certain points in time, what we're calling the
"Canonical URL" is the unchanging/stable/authoritative URL, while at other
times, the actual OpenID is the authoritative/unchanging/stable URL.
In this setup, I a given person has to control 2 URL's at the same time in
order to assert ownership of a given OpenID, making it difficult to lose
your Identity if you lose only a single domain. In this respect, each URL
provides a safeguard against the loss of the other URL.
On 6/8/07, Dick Hardt <dick at sxip.com> wrote:
>
> You are still trusting one registry. Of course it is your choice, but
> you have a single point of failure. Do you think they will still be
> around in 50 years?
>
> On 8-Jun-07, at 4:20 PM, Recordon, David wrote:
>
> > I don't see how it requires a centralized registry, if I choose to
> > trust
> > that LiveJournal, or some ugly URL from AOL, etc will never go away
> > then
> > that is my choice.
> >
> > --David
> >
> > -----Original Message-----
> > From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On
> > Behalf Of Dick Hardt
> > Sent: Friday, June 08, 2007 4:08 PM
> > To: Drummond Reed
> > Cc: specs at openid.net
> > Subject: Re: Do We Agree on the Problem We're Trying to Solve?
> >
> >
> > On 8-Jun-07, at 4:00 PM, Drummond Reed wrote:
> >
> >>
> >>>> Drummond Reed wrote:
> >>>>
> >>>> Multiple, redundant identifiers is what canonical ID mapping
> >>>> provides. It
> >>>> doesn't require a master directory; it's as distributed as OpenID
> >>>> itself,
> >>>> i.e., it simply provides a way to map a reassignable URL or XRI
> >>>> to a
> >>>> persistent URL or XRI.
> >>>
> >>> Dick Hardt wrote:
> >>>
> >>> The persistent URL or XRI *is* a master directory. What do you do
> >>> when the persistent identifier is compromised, goes out of
> >>> business ...
> >>>
> >>> That is problem B.
> >>>
> >>> Canonical IDs do not solve B.
> >>
> >> I completely agree that B is a hard problem. However Canonical IDs
> >> solve B
> >> if the identifier authority for the Canonical ID follows business and
> >> operational practices intended to solve B.
> >
> > And I think there is a solution that does not require a single,
> > central registry.
> >
> > One of the other issues with the registry is it is challenging to
> > provide directed identities.
> >
> > -- Dick
> >
> > _______________________________________________
> > specs mailing list
> > specs at openid.net
> > http://openid.net/mailman/listinfo/specs
> >
> >
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070608/e7add276/attachment-0002.htm>
More information about the specs
mailing list