<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML xmlns="http://www.w3.org/TR/REC-html40" xmlns:v =
"urn:schemas-microsoft-com:vml" xmlns:o =
"urn:schemas-microsoft-com:office:office" xmlns:w =
"urn:schemas-microsoft-com:office:word"><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.5730.11" name=GENERATOR><!--[if !mso]>
<STYLE>v\:* {
        BEHAVIOR: url(#default#VML)
}
o\:* {
        BEHAVIOR: url(#default#VML)
}
w\:* {
        BEHAVIOR: url(#default#VML)
}
.shape {
        BEHAVIOR: url(#default#VML)
}
</STYLE>
<![endif]-->
<STYLE>@font-face {
        font-family: Helvetica;
}
@font-face {
        font-family: Tahoma;
}
@page {mso-endnote-separator: url("cid:header.htm\@01C6FD21.2A0003F0") es; mso-endnote-continuation-separator: url("cid:header.htm\@01C6FD21.2A0003F0") ecs; }
@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in 1.25in; }
P.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Times New Roman"
}
LI.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Times New Roman"
}
DIV.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Times New Roman"
}
H1 {
        FONT-SIZE: 16pt; MARGIN: 12pt 0in 3pt; FONT-FAMILY: Arial
}
H2 {
        FONT-SIZE: 14pt; MARGIN: 12pt 0in 3pt; FONT-STYLE: italic; FONT-FAMILY: Arial
}
H3 {
        FONT-SIZE: 12pt; MARGIN: 12pt 0in 3pt; FONT-FAMILY: Arial
}
H4 {
        FONT-SIZE: 10pt; MARGIN: 12pt 0in 3pt; FONT-STYLE: italic; FONT-FAMILY: "Times New Roman"
}
P.MsoHeader {
        BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 0in; FONT-SIZE: 10pt; PADDING-BOTTOM: 0in; MARGIN: 0in 0in 0pt; BORDER-LEFT: medium none; PADDING-TOP: 0in; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial
}
LI.MsoHeader {
        BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 0in; FONT-SIZE: 10pt; PADDING-BOTTOM: 0in; MARGIN: 0in 0in 0pt; BORDER-LEFT: medium none; PADDING-TOP: 0in; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial
}
DIV.MsoHeader {
        BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 0in; FONT-SIZE: 10pt; PADDING-BOTTOM: 0in; MARGIN: 0in 0in 0pt; BORDER-LEFT: medium none; PADDING-TOP: 0in; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial
}
P.MsoFooter {
        BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 0in; FONT-SIZE: 10pt; PADDING-BOTTOM: 0in; MARGIN: 0in 0in 0pt; BORDER-LEFT: medium none; PADDING-TOP: 0in; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial
}
LI.MsoFooter {
        BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 0in; FONT-SIZE: 10pt; PADDING-BOTTOM: 0in; MARGIN: 0in 0in 0pt; BORDER-LEFT: medium none; PADDING-TOP: 0in; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial
}
DIV.MsoFooter {
        BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 0in; FONT-SIZE: 10pt; PADDING-BOTTOM: 0in; MARGIN: 0in 0in 0pt; BORDER-LEFT: medium none; PADDING-TOP: 0in; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial
}
P.MsoListBullet {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt 0.25in; COLOR: black; TEXT-INDENT: -0.25in; FONT-FAMILY: "Times New Roman"; mso-list: l9 level1 lfo1
}
LI.MsoListBullet {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt 0.25in; COLOR: black; TEXT-INDENT: -0.25in; FONT-FAMILY: "Times New Roman"; mso-list: l9 level1 lfo1
}
DIV.MsoListBullet {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt 0.25in; COLOR: black; TEXT-INDENT: -0.25in; FONT-FAMILY: "Times New Roman"; mso-list: l9 level1 lfo1
}
P.MsoTitle {
        FONT-WEIGHT: bold; FONT-SIZE: 16pt; MARGIN: 0in 0in 9pt; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
LI.MsoTitle {
        FONT-WEIGHT: bold; FONT-SIZE: 16pt; MARGIN: 0in 0in 9pt; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
DIV.MsoTitle {
        FONT-WEIGHT: bold; FONT-SIZE: 16pt; MARGIN: 0in 0in 9pt; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
P.MsoBodyText {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 6pt; FONT-FAMILY: "Times New Roman"
}
LI.MsoBodyText {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 6pt; FONT-FAMILY: "Times New Roman"
}
DIV.MsoBodyText {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 6pt; FONT-FAMILY: "Times New Roman"
}
P.MsoSubtitle {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0.25in; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
LI.MsoSubtitle {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0.25in; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
DIV.MsoSubtitle {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0.25in; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
A:link {
        COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
        COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
        COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
        COLOR: blue; TEXT-DECORATION: underline
}
PRE {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Courier New"
}
P.Quote {
        FONT-SIZE: 12pt; MARGIN: 0in 0.5in 6pt; FONT-STYLE: italic; FONT-FAMILY: "Times New Roman"
}
LI.Quote {
        FONT-SIZE: 12pt; MARGIN: 0in 0.5in 6pt; FONT-STYLE: italic; FONT-FAMILY: "Times New Roman"
}
DIV.Quote {
        FONT-SIZE: 12pt; MARGIN: 0in 0.5in 6pt; FONT-STYLE: italic; FONT-FAMILY: "Times New Roman"
}
P.Wiki {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Courier New"
}
LI.Wiki {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Courier New"
}
DIV.Wiki {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt; COLOR: black; FONT-FAMILY: "Courier New"
}
P.Graphic {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 6pt; FONT-STYLE: italic; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
LI.Graphic {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 6pt; FONT-STYLE: italic; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
DIV.Graphic {
        FONT-SIZE: 10pt; MARGIN: 0in 0in 6pt; FONT-STYLE: italic; FONT-FAMILY: Arial; TEXT-ALIGN: center
}
SPAN.EmailStyle27 {
        COLOR: navy; FONT-FAMILY: Arial; mso-style-type: personal-reply
}
DIV.Section1 {
        page: Section1
}
OL {
        MARGIN-BOTTOM: 0in
}
UL {
        MARGIN-BOTTOM: 0in
}
</STYLE>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></HEAD>
<BODY lang=EN-US vLink=blue link=blue bgColor=white>
<DIV dir=ltr align=left><SPAN class=042532814-01112006><FONT face=Arial
color=#0000ff size=2>Bad statement of the principle. Centralized direction is
inevitable if there are to be unique, mnemonic
identifiers.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=042532814-01112006><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=042532814-01112006><FONT face=Arial
color=#0000ff size=2>The questions are whether the centralized control is
accountable, whether the system has checks and balances, and how much confidence
users can place in the registry continuing to be supported after the startup
money has run out.</FONT></SPAN></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=042532814-01112006></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=042532814-01112006></SPAN></FONT> </DIV>
<DIV><BR></DIV>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> specs-bounces@openid.net
[mailto:specs-bounces@openid.net] <B>On Behalf Of </B>Drummond
Reed<BR><B>Sent:</B> Tuesday, October 31, 2006 10:31 PM<BR><B>To:</B> 'George
Fletcher'; 'Stefan Görling'<BR><B>Cc:</B> specs@openid.net<BR><B>Subject:</B>
RE: Making identities persistent?<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV class=Section1>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">Good answer, George.
The question applies mainly to delegated identifiers (e.g., email addresses
delegated under a specific DNS domain like user@aol.com, third-or-lower level
domain names like user.aol.com, or community i-names such as @aol*user), since
they are by definition assigned within the context of (and thus under the
ultimate control of) a specific identifier community (such as aol.com). 
<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">For identifiers
registered directly with a global registry (e.g., joesmith.com in DNS or
=joe.smith in XRI), the identifiers themselves are portable across registrars
and the registrant has direct control of the identifier and what it resolves
to (e.g., the XRDS document). This portability is established by ICANN for DNS
registries and XDI.org for XRI global registries.<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">So the section of the
spec you cite should probably be clarified with regard to these points, i.e.,
something like: <o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">"OpenID is decentralized. No central authority must approve or register Relying Parties or OpenID Providers. An End User can freely choose which OpenID Provider to use. OpenID design also enables an End User to continue to use an OpenID Identifier if they switch OpenID Providers. Note that the portability and persistence of an OpenID identifier itself (URL or XRI) is a capability of the identifier and the registry authority and is out of scope for OpenID. End Users who wish to maintain persistent control of an OpenID Identifier SHOULD select an identifier and registry authority that offers these capabilities.”<o:p></o:p></SPAN></FONT></PRE>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">Thoughts?<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial color=navy size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">=Drummond
<o:p></o:p></SPAN></FONT></P>
<DIV>
<DIV class=MsoNormal style="TEXT-ALIGN: center" align=center><FONT
face="Times New Roman" color=black size=3><SPAN
style="FONT-SIZE: 12pt; COLOR: windowtext">
<HR tabIndex=-1 align=center width="100%" SIZE=2>
</SPAN></FONT></DIV>
<P class=MsoNormal><B><FONT face=Tahoma color=black size=2><SPAN
style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; COLOR: windowtext; FONT-FAMILY: Tahoma">From:</SPAN></FONT></B><FONT
face=Tahoma color=black size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: windowtext; FONT-FAMILY: Tahoma">
specs-bounces@openid.net [mailto:specs-bounces@openid.net] <B><SPAN
style="FONT-WEIGHT: bold">On Behalf Of </SPAN></B>George Fletcher<BR><B><SPAN
style="FONT-WEIGHT: bold">Sent:</SPAN></B> Tuesday, October 31, 2006 7:36
AM<BR><B><SPAN style="FONT-WEIGHT: bold">To:</SPAN></B> Stefan
Görling<BR><B><SPAN style="FONT-WEIGHT: bold">Cc:</SPAN></B>
specs@openid.net<BR><B><SPAN style="FONT-WEIGHT: bold">Subject:</SPAN></B> Re:
Making identities persistent?</SPAN></FONT><FONT color=black><SPAN
style="COLOR: windowtext"><o:p></o:p></SPAN></FONT></P></DIV>
<P class=MsoNormal><FONT face="Times New Roman" color=black size=3><SPAN
style="FONT-SIZE: 12pt"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Helvetica color=black size=3><SPAN
style="FONT-SIZE: 12pt; FONT-FAMILY: Helvetica">This is a good use case and I
think important for both users and IdPs (now OPs [OpenID Provider] per the
latest "editor's conference") to consider.<BR><BR>I see a number of
options...<BR><BR>1. There has been some discussion regarding a "change
identifier" extension that would allow you to change your identifier at the
relying party. This would solve the use case and is necessary regardless
of the other options.<BR><BR>2. The OP (in this case AOL.com) could continue
to provide an "identifier management" page that would allow the user to
specify the OP of choice. This requires the OP to continue to serve the
XRDS doc or at least the indirection to a XRDS doc with the new OP. This
is not that much extra overhead for the OP, but it will likely be a business
decision as to whether to support such a feature.<BR><BR>3. The user gets to
choose their OP so they can ensure that they don't get "locked in". This
is the ideal behind user-centric. However, in practice, it will take
good education and time for users to understand the ramifications of their
decisions.<BR><BR>Thanks,<BR>George<BR></SPAN></FONT><BR>Stefan Görling wrote:
<o:p></o:p></P><PRE wrap=""><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">Hi everybody,<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">I'm trying to get a grip around your great work and have one issue that <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">I'm not quite clear on, relevant to the discussion of using <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><A href="mailto:user@example.com-style">user@example.com-style</A> identifiers, but also in a more general context. <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">Please let me know if I've simply missunderstood my own question.<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><A href="http://openid.net/specs/openid-authentication-2_0-09.html#anchor48">http://openid.net/specs/openid-authentication-2_0-09.html#anchor48</A> says:<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">"OpenID is decentralized. No central authority must approve or register <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">Relying Parties or Identity Providers. An End User can freely choose <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">which Identity Provider to use. 
They can preserve their Identifier if <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">they switch Identity Providers."<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">Let us consider the case that I'm an AOL.com customer, and they act as <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">an IdP providing we with an identifier. I use this identifier for 3 <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">years for identity management on most of the services I use, due to the <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">huge success of the standard... However, I'm starting to get fed up with <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">AOL and terminates my agreement with them. Is there any procedure for me <o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">to switch to another IdP? 
How is this done?<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">Best Regards,<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">Stefan Görling<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">_______________________________________________<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt">specs mailing list<o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><A href="mailto:specs@openid.net">specs@openid.net</A><o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><A href="http://openid.net/mailman/listinfo/specs">http://openid.net/mailman/listinfo/specs</A><o:p></o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"><o:p> </o:p></SPAN></FONT></PRE><PRE><FONT face="Courier New" color=black size=2><SPAN style="FONT-SIZE: 10pt"> <o:p></o:p></SPAN></FONT></PRE></DIV></BLOCKQUOTE></BODY></HTML>