On May 30, 2007, at 21:02, Johnny Bufu wrote:

...The bottom line is
that it can't be done easily - a mechanism similar to XRI's canonical
ID verification would have to be employed, to confirm that the i-
number actually 'belongs' to the URL on which discovery was
initiated. (Otherwise anyone could put any i-number in their URL-
based XRDS files.)

Public keys ... public keys ... with the added benefit that no centralized or trusted verification service needs to be employed whatsoever ...

Johannes Ernst
NetMesh Inc.

<<inline: openid-relying-party-authenticated.gif>>

<<inline: lid.gif>>


specs mailing list

Reply via email to