Dealing with renames

Ben Hyde bhyde at
Sun May 29 15:06:11 PDT 2005

Interesting questions.  What a marvelous mess!

Identity URL's accumulate rights, reputation, etc.  Moving, copy, 
linking those will need the participation of validating server.   Users 
might like to get a 'title' to their identity URL from the validating 
server which they can present to effect some of these operations.   
That 'title' might be long lived so they can get it in January and use 
it in September after the validating server has gone bust, evil, or 

Recycling id's is messy.  It can be ameliorated just a bit if the 
assertions signed by the validating servers are enhanced to include a 
unique # that is different for every customer.  That way the consumers 
of those assertions can distinguish a URL owned by customer A in time 
period 1 from the same URL owned by customer B in time period 2.    
Note the design is delicate; the unique # needs to be designed so it 
doesn't enable outsiders to link N ID that happen to be owned by the 
same customer.

That trick helps only if the community looks inside the assertions; but 
they don't - they look only at the ID url.  So it's not a silver 

There is a another case.  Where the ID URL's vouching server switches 
from voucher X to voucher Y.

    - ben

On May 29, 2005, at 7:27 AM, Karl Koscher wrote:

> It occured to me that OpenID doesn't deal well with accounts that are 
> renamed. As far as the consumer is concerned, different usernames/URLs 
> belong to different users. However, often this isn't the case. For 
> example, LiveJournal allows users to rename their accounts.
> This can cause all sorts of chaos.
> For example, we have a few sites that are restricted to a certain set 
> of LiveJournal users. If they rename, they'll no longer be able to 
> access those sites. Worse, if someone with access to the site deletes 
> their account, and has their account purged, other users will be able 
> to rename to that old account name and be able to access the site. 
> There are hacks that'll work for LiveJournal (fetch their userinfo and 
> check their userid), but not in general.
> In another case, a user will allow an OpenID-authenticated user to 
> post unscreened comments on some site. When the OpenID user changes 
> their username, they won't be able to post comments unscreened until 
> the other users authorizes them (and deauthorizes the old account).
> I'm pretty sure this'll cause problems with cross-site friendings, as 
> well.
> So, is there a good solution to this? Should we even worry about it? 
> One thing I was thinking of is having the identity server return some 
> unique ID that always maps to that particular user on that identity 
> server. The unique ID doesn't have to mean anything to anyone except 
> the identity server.
> Thoughts?
> - Karl
> _______________________________________________
> yadis mailing list
> yadis at
  I forecast sunny weather!

More information about the yadis mailing list