[foaf-dev] Can OpenID identify a person
danbri at danbri.org
Thu Jun 7 13:22:48 BST 2007
Noah Slater wrote:
>> I don't think we should rush delegation description, and maybe it isn't
>> needed, and maybe it isn't needed in FOAF.
> I am no OpenID expert but I my conceptual model of delegation is a
> very similar concept to that of HTTP 302 redirection or what have you
> - i.e. not permanent. If you list an RDF resource as
> http://purl.org/foo/ you presumably don't want the software to
> normalise that URL into the delegated resource. Hence - are details of
> the OpenID delegation necessary given that it is OpenID's
> responsibility to handle this transparently?
> Hey, apologies if this doesn't make sense. I have probably missed
> something important and am misunderstanding you completely.
Makes perfect sense; I think we're both approaching the same point from
What I didn't articulate was my journey into having my own OpenID that I
own the domain name for. First I mucked about with hosted services, such
as from Verisign Labs and LiveJournal, where I've been an occasionally
paying customer. And I think I logged into a few sites directly using
those IDs. Later as it became clear that OpenID had more traction and
wholesomeness than much of the stuff floating around the "Identity"
scene, I decided to take my OpenID a bit more seriously, which for me
means using a domain name that is fully mine. And I read an example
somewhere that showed my how to do that delegation thing, and it was
The end result is that there is some data by me out there, eg. in SMW
demos, associated with my danbri.livejournal.com ID and some (typically
more recent) data that uses danbri.org. By normalising I don't mean
throwing away the detail, so much as allowing aggregators to be
justified in somehow associating them both with the person whose openid
>> <openid rdf:resource="http://danbri.org/"/>
>> <openid rdf:resource="http://danbri.livejournal.com/"/>
>> <homepage rdf:resource="http://danbri.org/"/>
> If http://danbri.org/ delegates to http://danbri.livejournal.com/ is
> there any reason to list http://danbri.livejournal.com/ in this case?
I suspect, per the little narrative above, that many people will use
hosted IDs before migrating to their own (eg. when/if DNS registrars and
ISPs move into that territory). So for every person, there will be some
"legacy" accounts and data in their old ID which they might want to be
associated with a later identity too.
> Also, how do you say which one is the authoritative URI - the one that
> will stick around when you change providers.
The idiom I was sketching above is: if someone claims a URI to be both
their homepage and their openid, that is a clue. Maybe we could/should
be more explicit?
More information about the foaf-dev