This has been discussed to death and really should be a FAQ by now, but it's not written up, so I'll add a few points:
-- we should discuss this as a generic email to URL mapping problem, and ignore what is done with that URL then. yes, it could be used as an OpenID -- that said, with directed identity in OpenID 2.0, a user just needs to type in "yahoo.com", or press the pretty yahoo button. No typing. -- For email-to-URL, NAPTR by itself is a non-starter. Technically it may be the correct way, but average people don't control their DNS. Hell, networksolutions doesn't even let you add SRV or TXT records. -- A good solution to email-to-URL mapping will likely involve an XRDS-Simple-style two-pronged discovery lookup path. Whereas XRDS-Simple says "try Accept header, then parse the <head> tag", a good email-to-URL lookup "protocol" (best practice?) might be to try NAPTR first, then fall back to this: http://brad.livejournal.com/2357444.html - Brad 2008/4/1 Paul E. Jones <[EMAIL PROTECTED]>: > Folks, > > > > I've seen discussion here and there on the use of the e-mail address as > the OpenID identifier. Perhaps this one says it best: > > http://www.majordojo.com/2007/02/what-openid-needs.php > > > > I share many of same opinions. If OpenID is going to be practically > usable by the average person, we cannot require the person to remember some > very complex identifier. When I signed up for Yahoo's OpenID service, it > presented me with a hideously ugly URL that looked similar to a > base64-encoded string. I could not begin to tell you what it was. > Fortunately, Yahoo allowed me to define my own, friendlier name. Still, the > ID is not one that the average user will remember or get right. > > > > While the e-mail address does not have to be the one's ID, it can > certainly serve as an alias. Suppose, for example, that the DNS records at > Yahoo contained the following entry: > > > > yahoo.com. IN NAPTR 100 10 "U" "OpenID2" > "^(.+)@(.*)$!https://me.yahoo.com/\1!i"; > > > > This would allow a Relaying Party to accept an e-mail address and perform > a simple transformation to get the "real" URL identifier. Of course, this > does not mean that the existing URL or XRI identifiers are invalid, nor does > it mean that the "email address" has to be a real e-mail address. But, this > form would certainly be far simpler for most people to deal use. > > > > If something like this has been discussed and rejected, what was the > reason? > > > > Thanks, > > Paul > > > > _______________________________________________ > specs mailing list > specs@openid.net > http://openid.net/mailman/listinfo/specs > >
_______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
