- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 3 Dec 2008 11:24:04 +1100
- To: Dirk Balfanz <balfanz@google.com>
- Cc: www-talk@w3.org
On 02/12/2008, at 1:25 PM, Dirk Balfanz wrote: > > Well, here is the scenario: I buy foobar.com for $3/year at > cheapdomains.com. I pay an extra dollar to have "email", which means > I tell them where I want my email forwarded. I pick dirk@foobar.com > to be forwarded to dirk@gmail.com. I pay another extra dollar per > year for "web hosting", which means I get a web interface on > cheapdomains.com to create some web pages, which get served on www.foobar.com > . I set up a couple of pages there with pictures of my cats or > whatever and I am done. > > I now also want to use my email address dirk@foobar.com as my OpenID > identifier [1] because I heard that that will end my having to > create ever-more accounts on the web. I am told that in order to get > that to work I need to host a page called "site-meta" on my site > with some weird-looking text in it that I don't understand. But, > hey, I know how to get that served off www.foobar.com so that's cool. > > I have never heard of DNS. > > Is that a use case we want to support? > > Dirk. > > [1] Let's assume that OpenID 3.0 and XRD 2.0 allow that and define > some way to discover OpenID endpoints from email addresses. /site-meta on http://foobar.com/ doesn't (and can't, on its own) make any authoritative assertions about mailto:dirk@foobar.com; even though the authority is the same, the URI scheme is different. I know this particular issue is an important one to the OpenID folks, but there needs to be a very careful and broad discussion of allowing policy and metadata from HTTP to be considered *automatically* authoritative for other protocols. -- Mark Nottingham http://www.mnot.net/
Received on Wednesday, 3 December 2008 01:36:07 UTC