User @ domain.tld as ID (Once again)

Mark Wilcox mark.wilcox at octetstring.com
Thu Nov 3 15:17:46 PST 2005


Zefiro wrote:

>Why is it that some people think email addresses or identifiers looking like email addresses are superior to HTTP URLs?
>
>This introduces a real bunch of technical problems, which have no clean solution. Usernames in HTTP requests are ugly, browsers
>might confuse them with phishing, servers might not support them. All mapping schemes involve some kind of magic in it - be it a
>magic mapping, a magic header specifying a mapping or a magic centralised server providing lists of mappings for different
>servers - a thought which horrifies me, since this has nothing to do with decentralisation or 'everyone can join in'. Provides a
>single point of failure and inconsistencies. The spec has to make sure that when an ID is accepted at one site, it is equally
>accepted in all other sites implementing this spec. Otherwise the spec is useless (compared to the goal to have an open,
>independent, general and future-proof system).
>
>I don't see the advantages of email addresses.
>
>... cut most of the message to save on clutter ...
>
Personally from a technical perspective HTTP URLs have more potential 
than email addresses for global identifiers.

However, people will undoubtedly build email address (and probably a lot 
of other attributes like username or phone-numbers) to (whatever format) 
mapping systems - the question is not whether this should be done or not 
- but rather - can you construct a protocol that can support a 
standardized mapping system - but NOT require it?

The rationale and I'm basing this on the fact that nobody remembers 
their LDAP DN, hardly anyone remembers their Kerberos principal (if 
you're old-school and have one of those) and nobody remebers a URL 
outside of a small domain name. I'm talking about people like my wife 
who's in the 90% of your Internet user base & not us hard-core geeks who 
probably remember DNs better than we remember our anniversaries. :)

I'm not arguing whether this mapping is right or wrong - but rather 
pragmatism should rule where possible :). 

It doesn't have to be mandatory for the protocol to work - but it has to 
be there for this to grow. And you don't have to do the "let's invent 
another protocol for mapping" to do this - there's others out there to 
leverage. Yeah - being the LDAP guy - I'd say this could easily be done 
via LDAP attributes - but you could leverage SAML, maybe XRI, maybe 
something in DNS or maybe something else I'm missing. Or perhaps you 
just define how mappings should be handled if you want to use one of 
those things.

Mark


-- 
Mark Wilcox
mark.wilcox at octetstring.com
OctetString, Inc.
Office:+1 972.668.2829
Mobile:+1 214.289.9507
http://www.octetstring.com



More information about the yadis mailing list