Specifying identifier recycling
Johannes Ernst
jernst+openid.net at netmesh.us
Thu May 31 04:53:30 UTC 2007
On May 30, 2007, at 21:02, Johnny Bufu wrote:
> ...The bottom line is
> that it can't be done easily - a mechanism similar to XRI's canonical
> ID verification would have to be employed, to confirm that the i-
> number actually 'belongs' to the URL on which discovery was
> initiated. (Otherwise anyone could put any i-number in their URL-
> based XRDS files.)
Public keys ... public keys ... with the added benefit that no
centralized or trusted verification service needs to be employed
whatsoever ...
Johannes Ernst
NetMesh Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-authenticated.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070530/92b2f557/attachment-0004.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20070530/92b2f557/attachment-0005.gif>
-------------- next part --------------
http://netmesh.info/jernst
More information about the specs
mailing list