<div class="gmail_quote">On Tue, Jun 9, 2009 at 9:19 PM, SitG Admin <span dir="ltr"><<a href="mailto:sysadmin@shadowsinthegarden.com">sysadmin@shadowsinthegarden.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
There's a significant camp of people that believe this information should be included in DNS. There's also a significant group of people who believe it could be located an XRD file (or, "on the web").<br>
</blockquote>
<br>
What if the discovery document says "E-mail this autoresponder address."?<br>
<br>
Should all discovery (in OpenID) be able to take place over the HTTP/HTTPS protocol, or will it be flexible enough to accept plugins for extending the base discovery method?<br>
<br>
-Shade<br>
</blockquote></div><br>I'm inclined to support the latter -- In some future version of OpenID Auth (possibly even 2.1), I would love to see a bunch of OpenID Extension specs that deal only with the topic of Discovery. <br>
<br>In fact, one way to go (and this is admittedly a bit radical) would be to just define a generic way to do Discovery in the main OpenID Auth 2.1 core document, and then make _every_ identifier into an extension. That includes URL, XRI, email, etc. <br>
<br>Radical, I know, but I like modularity, and it will likely preclude the debate about why we should or shoud not be able to use email addresses as OpenID's. Or why we should/should not use my fingerprint as an OpenID.<br>