mart at degeneration.co.uk
Fri Oct 28 10:26:42 PDT 2005
Benjamin Yu wrote:
>>On Oct 25, 2005, at 7:40 PM, Carl Howells wrote:
>>>I've read through the documentation provided, and I'm a bit
>>>confused by all of this. How does having this protocol make things
>--- Kurt Raschke <kurt at raschke.net> wrote:
>>I'd like to second that. My first thought upon looking at the YADIS
>>spec was "Is this for real?". To me, the benefit of OpenID is that
>>it is a relatively lightweight protocol and it is simple to implement
>>for both producers and consumers. LID, on the other hand, seems to
>>be bloated and pretty painful to implement. Now we have a
>>"Capability Discovery Protocol" and all sorts of other things.
> I'm going to "third" the comment.
> After reading the docs, the goals page makes my BS meter tingle.
> "to contribute a multi-vendor, multi-technology personal identity foundation
> for Web 2.0."
> "to follow an open, meritocratic process for doing so, e.g. by following common
> open source development practices."
> "to allow and foster innovation and competition within the personal digital
> identity market."
I'm glad I'm not the only one that doesn't get it. When I first read the
document, I just scratched my head and closed it, but I was worried that
I was just being dense. :)
All I could get out of it was that all OpenID software would support LID
and all LID software would support OpenID. That can't be all there is to
it, though, since that doesn't satisfy the stated goals.
I personally would be happy just to let OpenID and LID (and other
players, too) compete by being non-interoperable, and see how it turns out.
I've already demonstrated the use of intermediataries as an interop
solution for those who want it. I imagine we'd also end up with
multi-protocol identity servers, but does it really matter? It doesn't
seem much different to me than the multi-protocol IM clients that are
popular right now. Sure, they're a hack and that's a bit lame, but they
solve the problem in a place that is under control of those who want it
I'd rather have a solution where I'm in control (I can support whatever
protocols I like on my identity server) rather than a hotch-potch of
varying support that is out of my control because it's consumer-side.
More information about the yadis