Proposal for an XRI (i-name) profile for OpenID

Martin Atkins mart at degeneration.co.uk
Mon Apr 3 06:47:37 UTC 2006


Victor Grey wrote:
> 
>>>      openid.identity
>>>      ## The XRI from step 1
>>
>> This is an absolute XRI, right? Like xri://=username.
> 
> ## Yes, good point.
> 
>> So the only change for the OpenID server is that not only http: and
>> https: but also xri: is a valid URI scheme.
> 
> ## Yes.
> 

Hmm. If this is the case, why not have the Consumer do the XRI
resolution and leave the Server unchanged? The Consumer's going to have
to do XRI resolution to fetch the Yadis document anyway, but I'd much
rather a protocol that acts as a layer *atop* OpenID than one that gets
inside and changes it.

Another argument to making the change on the Consumer side is that the
Consumer is more easily able to present to the user the fact that it
supports XRI; It can write "Enter a URL or i-name here!", or whatever.
The server, on the other hand, can't do anything until it's too late and
the user experience has already failed. Given that there will be a
period where some Consumers support XRI and some don't, this is important.

A Consumer can implement this in a similar way to how it would implement
openid.delegate: keep track of the original XRI the user entered but
authenticate him as the retrieved URL. If the response is affirmative,
display the user's identity as that XRI. The server never needs to care
about XRI and just works with HTTP/HTTPS URLs as it always did.



More information about the yadis mailing list