General things to consider

[Lukas Leander Rosenstock]

Zefiro wrote:

>So in summary:
>- an initial broad user base is a good thing
>- we want to have many users who can use our scheme without having any clue of any technical stuff - just say 'you already have
>the everything you need'
>- we want to address privacy concerns (embed it in the spec and encourage/force consumers to use it)
>- we don't want to limit users in their choice of identity URLs based on their technical possibilites (mod_rewrite, PHP, etc),
>but only if they 'own' the URL, i.e. are allowed to make changes to it
>  
>
The current Yadis spec is, in my opinion, not very good for that. That's 
why the suggestions with a "capability meta file" came up or the idea or 
placing a lot of link tags in the (X)HTML header. I thought about this 
simple so-called "yadis.xml" file because everyone with a webspace could 
upload one. He/she can add all identity-centric services he wants, 
compose from a variety of different services from different providers 
all at his own hostname. He can also have multiple URLs => multiple 
identities.

If there were many different services agreeing to 1) use a special URL 
as username and 2) defining a format how to link them then the user has 
maximum choice and maximum possibilities. He could just link a vCard or 
FOAF-profile for public use, or he could use a service that delivers 
such a file only after authentication, he could offer communication 
services from XMLRPCs e.g.... well there are many things!

The Yadis spec is a good "we mix OpenID and LID" together but I don't 
like it too much. Putting everything in (X)HTML-link and meta tags would 
be okay but that would bind all the stuff to (X)HTML and produces 
unnecessary overhead (users on webbrowsers and systems get also the 
information only the offer party needs).
I'm currently working an a "pure" OpenID implementation and will 
continue with that, just waiting what will happen with Yadis.