URL canonicalization

[Dan Libby]

Hi Martin,

I think we are saying the same thing, but possibly we are using terms
differently. The original quote to which I responded was:

> It is NOT clear whether the claimed identity, the canonical identity URL,
> or the delegate identity URL should be considered by consumers to be the
> unique individual.  I'd argue for claimed identity, but others may
> disagree.

So if we take your example of:
 - claimed url:  mart.mydomain.com
 - delegate url: mart.livejournal.com

Then I am calling "http://mart.mydomain.com/" the canonical identity
URL, and that is what I think should be used as a DB primary key by the
consumer.  I suppose a better term might be "normalized claimed
identity".     :)

regards,

Dan Libby


Martin Atkins wrote:

>Dan Libby wrote:
>  
>
>>It seems cleaner to me to use the canonical identity as primary key. 
>>That way, you allow the user to enter eg:
>>"http://sally.people.com/" the first time and then just
>>"sally.people.com" the second time, and they both point to the same record.
>>
>>You could still display ( or even store ) whatever the user entered as a
>>"pretty" identifer.
>>
>>    
>>
>
>That falls down in this scenario:
>* I have mart.mydomain.com delegated to mart.livejournal.com so that I
>can use LiveJournal's identity server. I want to appear as
>mart.mydomain.com.
>* LiveJournal gets bought out by some evil company. I no longer trust
>LiveJournal.
>* I change my delegation to point at mart.coolidentityhost.com but
>continue to log in as mart.mydomain.com.
>
>In this case, I still want to be considered to be the same identity
>(mart.mydomain.com) despite my ID server changing. It's the canonical
>version of the claimed identity that should be used, not the delegation URL.
>
>It's very important to use the claimed URL as the key since the ability
>to switch identity servers without losing your identity is a major part
>of OpenID's decentralisation.
>
>  
>