Backwards compatibility with existing identifiers
Mike Hearn
mike at plan99.net
Wed Nov 2 15:22:15 PST 2005
Hi,
One obvious problem with OpenID as it exists today is that not many people
actually own a URL, but nearly everybody owns an email address. I see from
the archives that allowing usage of email addresses instead of URLs has
been raised but the discussion was inconclusive.
I think it'd be a good idea to:
a) Map user at domain addresses to http://domain/openid/user type URLs,
which can redirect to wherever is appropriate (possibly even
myopenid.com)
b) If the first mapping fails (ie, no compatible server answers) try
again this time mapping user at domain to
http://user.domain.mapper.openid.net/openid/user.
This IMHO is essential for widespread OpenID deployment as it adds
backwards compatibility with the existing infrastructure in which the
email address is the canonical identity (almost all websites let you
email your password to yourself), and it means that AOL/Hotmail users
etc can log into websites using their existing address after
going through a simple registration process with a generic OpenID
provider, (for instance hotid.com ;)
Yes it's centralised. Yes that's evil. Yes it's unclean. Backwards
compatibility often is. Nothing in this scheme stops people running their
own servers, or providing a URL instead of an email address if they wish
to, but for the majority of users who know that their email address
identifies them this scheme is probably more intuitive and lowers the
barrier to entry significantly (because it's no longer "oh god one more
username, that's the last thing I need).
Thoughts?
thanks -mike
More information about the yadis
mailing list