[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openid-specs
Subject:    Persistent Identifiers (was: Proposal for Recycling Identifiers
From:       dick () sxip ! com (Dick Hardt)
Date:       2007-05-28 17:30:39
Message-ID: A958C28C-0CFA-435C-871F-EBC86242F2DB () sxip ! com
[Download RAW message or body]


On 28-May-07, at 9:49 AM, Johannes Ernst wrote:

> On May 28, 2007, at 7:20, Claus F?rber wrote:
>> Dmitry Shechtman schrieb:
>>> This is definitely an interesting proposal. However, it only
>>> attempts to
>>> solve the recycling problem, whereas canonical IDs would solve
>>> this and
>>> several more.
>>
>> I think the best solution would be a Persistent Identifier. If the
>> OpenID Provider returns a different Persistent Identifier, the  
>> Relying
>> Party can assume the ID has been recycled.
>
> And the best persistent identifier is a public key, because it's
> rather hard to fake. (if there is also an operation that challenges
> the publisher of the public key to use it.)
>
> Which is why we've had GPG key pairs for a long time in LID ...

Public Keys are great until the private key has been compromised.


[prev in list] [next in list] [prev in thread] [next in thread]