We don’t need i-names in OpenID 2.0 specs, please keep OpenID lightweight
The most thing I love about OpenID is that it’s a *decentralized* identity system, anyone with enough knowledge could setup a OpenID server in minutes, and with YADIS delegation support you can switch your identity provider in seconds, so there is no single failure point, and there is no Big Brother could control or monitor everything.
Yes, the url scheme still depends on DNS system, but DNS system is an *open system* and running successfully for decades to support the Internet. We all known how DNS system work and trusted it for a very long time.
So please don’t make simple things complicated, i-names could be easily support using idproxy.net-like proxy, we don’t need it in the core OpenID spec.
[The above is copied from a reply to openid-general maillist]
你的这篇文章出现在planet OpenID里面了。:)
但是如果需要通过像idproxy这样的第三方工具来支援其他身份验证服务,那openid的安全性和可靠性就更加不能保障了。