On Oct 19, 2006, at 14:56, Josh Hoyt wrote:
I'm in favor of keeping the OpenID Authentication Protocol specification as small as possible, with as few restrictions as possible to get useful behavior.
Fully agree. The genius of HTTP and RSS and mass-market protocols like them was not in what they included, but what they left out. There are some lessons that we can learn here.
The more we can reduce the scope, the more likely it is that we can develop a tight, usable specification that does not hold anyone back and is easy to implement.
Exactly.
There are a couple of different insights that are common to OpenID, SXIP, LID, and the myriad other URL-based single-sign-on solutions that are out there. I want to codify the things that we all agree on and allow innovation around the things that we do not.
Hey, Josh, what happened, you are taking the words out of my mouth today!! ;-)
I do not feel strongly about this particular issue, but I do feel strongly that if possible, we should REDUCE the scope as much as possible.
Yes yes and more Yes.
If there is a way to accomplish your goal without changing OpenID, then DON'T CHANGE OPENID. It's easy to put stuff in the next revision, but it's hard to take stuff out. OpenID has been successful because its scope was intentionally extremely narrow. Lets keep it that way.
Absolutely. Johannes Ernst NetMesh Inc.
http://netmesh.info/jernst
_______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs