I had the good fortune of discussing URIs, URLs, fragments and the recycling issue with a number of smart W3C people at WWW2007 and they did not respond with horror at the concept of using fragments to recycle identifiers. Given this is a requirement for large OPs, here is a proposal. A number of details and issues remain, suggestions and constructive criticism encouraged!
-- Dick Motivating use case: For large OPs, user identifier namespace is a scarce resource and they need to be able to recycle human readable identifiers Design Considerations: + Existing identifiers continue to work + A human readable, memorable identifier can be entered by the user and displayed to other users + A globally unique identifier is user by RPs that is different for different users of the same human readable identifier Proposed Solution: Allow fragments to be an optional part of the identifier. An RP could display the URL sans fragment to the users of the website. RPs would use the complete URL including fragment to identify users. RPs would be able to delete other accounts with the same base URL when seeing a new fragment. (do we want to allow this?) With OpenID 2.0, the identifier entered by the user does not need to be the same as the identifier returned by the OP To login to an RP, the user could enter "openid.op.com/user" and if the complete identifier managed by the OP was "http://openid.op.com/ user#7356", this is what would be returned. The following two identifiers returned by an OP would be considered different by an RP: http://openid.op.com/user http://openid.op.com/user#7356 Although the user would enter "openid.op.com/user" or "openid.op.com" in the OpenID prompt at the RP. Outstanding Issues: When resolving "http://openid.op.com/user#7356", does the RP resolve just http://openid.op.com/user or is does the RP need to find the fragment "7536" in the document at "http://openid.op.com/user"? If so, where is the fragment? Does it need to occur before. What does it mean when the document type is an XRDS document? Does the document need to contain "http://openid.op.com/user#7356" for the RP to close the circle on what the OP is stating? Will this break existing OpenID 1.1 RPs? Which ones? Is this going to be an issue for them? _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs