OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: CanonicalID in XrdOne/TrustWorkflowByExample

I am breaking up the threads into relevant topics.

I think the CanonicalID should be a Cool URI (or persistent XRI), and
not just a regular URI (Domain name).
It is the CA's reponsibility that this Cool URI will never be reassigned
to another Subject.
It should be unique over the time: It must not point different Subject
over the time.
This is important for the OpenID usecase.

In OpenID 2.0, it is the authentication service that assigns the cool
uri, but it does not work in the delegation scenario. It should really
be the XRD that assigns the unique identifier.

-- 
Nat Sakimura (=nat)
Nomura Research Institute, Ltd. 
XDI.ORG Vice Chair

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]