<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=utf-8">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Brad,<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Your point about DNS limitations is valid. Then again, anybody
who will be offering the open identity server is likely going to have control
over their DNS. Still, I’m not opposed to alternatives.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>But, since you brought up the fact that one can enter yahoo.com
and get redirected, I checked and, indeed, several OpenID sites <i>already</i>
accept the e-mail ID as a form of identification—and I can get redirected to
either Yahoo or MyOpenID.com. So, do some of the libraries already check for e-mail
address forms? It seems that perhaps they do!<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Paul<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> brad@fitzpat.com
[mailto:brad@fitzpat.com] <b>On Behalf Of </b>Brad Fitzpatrick<br>
<b>Sent:</b> Tuesday, April 01, 2008 10:38 PM<br>
<b>To:</b> Paul E. Jones<br>
<b>Cc:</b> specs@openid.net<br>
<b>Subject:</b> Re: Using email address as OpenID identifier<o:p></o:p></span></p>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>This has been discussed to
death and really should be a FAQ by now, but it's not written up, so I'll add a
few points:<br>
<br>
-- we should discuss this as a generic email to URL mapping problem, and ignore
what is done with that URL then. yes, it could be used as an OpenID<br>
<br>
-- that said, with directed identity in OpenID 2.0, a user just needs to type
in "<a href="http://yahoo.com">yahoo.com</a>", or press the pretty
yahoo button. No typing.<br>
<br>
-- For email-to-URL, NAPTR by itself is a non-starter. Technically it may
be the correct way, but average people don't control their DNS. Hell,
networksolutions doesn't even let you add SRV or TXT records.<br>
<br>
-- A good solution to email-to-URL mapping will likely involve an
XRDS-Simple-style two-pronged discovery lookup path. Whereas XRDS-Simple
says "try Accept header, then parse the <head> tag", a good
email-to-URL lookup "protocol" (best practice?) might be to try NAPTR
first, then fall back to this:<br>
<br>
<a href="http://brad.livejournal.com/2357444.html">http://brad.livejournal.com/2357444.html</a><br>
<br>
- Brad<o:p></o:p></p>
<div>
<p class=MsoNormal>2008/4/1 Paul E. Jones <<a
href="mailto:paulej@packetizer.com">paulej@packetizer.com</a>>:<o:p></o:p></p>
<div>
<div>
<p>Folks,<o:p></o:p></p>
<p> <o:p></o:p></p>
<p>I've seen discussion here and there on the use of the e-mail address as the
OpenID identifier. Perhaps this one says it best:<o:p></o:p></p>
<p><a href="http://www.majordojo.com/2007/02/what-openid-needs.php"
target="_blank">http://www.majordojo.com/2007/02/what-openid-needs.php</a><o:p></o:p></p>
<p> <o:p></o:p></p>
<p>I share many of same opinions. If OpenID is going to be practically
usable by the average person, we cannot require the person to remember some
very complex identifier. When I signed up for Yahoo's OpenID service, it
presented me with a hideously ugly URL that looked similar to a base64-encoded
string. I could not begin to tell you what it was. Fortunately,
Yahoo allowed me to define my own, friendlier name. Still, the ID is not
one that the average user will remember or get right.<o:p></o:p></p>
<p> <o:p></o:p></p>
<p>While the e-mail address does not have to be the one's ID, it can certainly
serve as an alias. Suppose, for example, that the DNS records at Yahoo
contained the following entry:<o:p></o:p></p>
<p> <o:p></o:p></p>
<p><span style='font-size:10.0pt'> <a href="http://yahoo.com"
target="_blank">yahoo.com</a>. IN NAPTR 100 10 "U"
"OpenID2" "^(.+)@(.*)$!https://me.yahoo.com/\1!i"</span><o:p></o:p></p>
<p> <o:p></o:p></p>
<p>This would allow a Relaying Party to accept an e-mail address and perform a
simple transformation to get the "real" URL identifier. Of
course, this does not mean that the existing URL or XRI identifiers are
invalid, nor does it mean that the "email address" has to be a real
e-mail address. But, this form would certainly be far simpler for most
people to deal use.<o:p></o:p></p>
<p> <o:p></o:p></p>
<p>If something like this has been discussed and rejected, what was the reason?<o:p></o:p></p>
<p> <o:p></o:p></p>
<p>Thanks,<o:p></o:p></p>
<p>Paul<o:p></o:p></p>
<p> <o:p></o:p></p>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
_______________________________________________<br>
specs mailing list<br>
<a href="mailto:specs@openid.net">specs@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/specs" target="_blank">http://openid.net/mailman/listinfo/specs</a><o:p></o:p></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</body>
</html>