Johannes: What about the point Dick posted earlier in this thread, that the problem with using a public key is if the private key gets compromised? Persistent identifiers need to persist independent of any attribute changing or being revoked.
=Drummond -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Johannes Ernst Sent: Wednesday, May 30, 2007 9:54 PM To: OpenID specs list Subject: Re: Specifying identifier recycling On May 30, 2007, at 21:02, Johnny Bufu wrote: > ...The bottom line is > that it can't be done easily - a mechanism similar to XRI's canonical > ID verification would have to be employed, to confirm that the i- > number actually 'belongs' to the URL on which discovery was > initiated. (Otherwise anyone could put any i-number in their URL- > based XRDS files.) Public keys ... public keys ... with the added benefit that no centralized or trusted verification service needs to be employed whatsoever ... Johannes Ernst NetMesh Inc. _______________________________________________ specs mailing list firstname.lastname@example.org http://openid.net/mailman/listinfo/specs