Why URL?

Alexey Khmara wolf_stranger at mail.ru
Wed Aug 17 08:42:05 PDT 2005

Jon-Pierre Gentil wrote:
> On Wednesday 17 August 2005 06:37 am, Alexey Khmara wrote:
>>I'm not sure, if it's the correct place for my question, but I can't
>>find better.
>>I cannot understand, why bind a digital identity to particular URL? Why
>>not use pair of PGP keys or something like this?
> This has been answered on the list already, so I'll give an abbreviated 
> version of it:  a URL points to a human readable resource that can 
> identify a person by any number of means.  You can put your PGP key 
> there, your picture, your resume, your biography, anything you want.  You 
> learn very little about someone from an untrusted PGP key.  But a URL is 
> generic enough to allow just about any http-served content to represent a 
> person.

Yes, I agree - it's important to have resource that can be used in any
way. But now user cannot change this URL without losing identity. It
isn't good, as for me. I think, this problen can be solved without
losing advantages that we have with URLs. In my scheme (of cource, it's
just example to show the principle) URL used as identity, and if you
don't want, you don't have to deal with keys and even to know about them
 - but if you
need, you can change this URL, so you are not binded to particular
provider of authentication service.
About untrusted PGP key - with URL, we distinguish user that can be
authorized with this URL. With PGP keys, we distinguish user that can
decrypt message, encrypted with this key.

Alexey Khmara

More information about the yadis mailing list