Re: Fallback flow for /site-meta for top level domains

On 02/12/2008, at 1:25 PM, Dirk Balfanz wrote:
> Well, here is the scenario: I buy for $3/year at  
> I pay an extra dollar to have "email", which means  
> I tell them where I want my email forwarded. I pick  
> to be forwarded to I pay another extra dollar per  
> year for "web hosting", which means I get a web interface on  
> to create some web pages, which get served on 
> . I set up a couple of pages there with pictures of my cats or  
> whatever and I am done.
> I now also want to use my email address as my OpenID  
> identifier [1] because I heard that that will end my having to  
> create ever-more accounts on the web. I am told that in order to get  
> that to work I need to host a page called "site-meta" on my site  
> with some weird-looking text in it that I don't understand. But,  
> hey, I know how to get that served off so that's cool.
> I have never heard of DNS.
> Is that a use case we want to support?
> Dirk.
> [1] Let's assume that OpenID 3.0 and XRD 2.0 allow that and define  
> some way to discover OpenID endpoints from email addresses.

/site-meta on doesn't (and can't, on its own) make  
any authoritative assertions about; even though  
the authority is the same, the URI scheme is different.

I know this particular issue is an important one to the OpenID folks,  
but there needs to be a very careful and broad discussion of allowing  
policy and metadata from HTTP to be considered *automatically*  
authoritative for other protocols.

Mark Nottingham

Received on Wednesday, 3 December 2008 01:36:07 UTC