Specifying identifier recycling
Drummond Reed
drummond.reed at cordance.net
Thu May 31 05:01:12 UTC 2007
Johannes:
What about the point Dick posted earlier in this thread, that the problem
with using a public key is if the private key gets compromised? Persistent
identifiers need to persist independent of any attribute changing or being
revoked.
=Drummond
-----Original Message-----
From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf
Of Johannes Ernst
Sent: Wednesday, May 30, 2007 9:54 PM
To: OpenID specs list
Subject: Re: Specifying identifier recycling
On May 30, 2007, at 21:02, Johnny Bufu wrote:
> ...The bottom line is
> that it can't be done easily - a mechanism similar to XRI's canonical
> ID verification would have to be employed, to confirm that the i-
> number actually 'belongs' to the URL on which discovery was
> initiated. (Otherwise anyone could put any i-number in their URL-
> based XRDS files.)
Public keys ... public keys ... with the added benefit that no
centralized or trusted verification service needs to be employed
whatsoever ...
Johannes Ernst
NetMesh Inc.
More information about the specs
mailing list