There has been much ado over the last year about identity. Most of the early plays were centralized thinly-veiled attempts to own your identity. Even many of the 2.0 systems depend on the solvency of a managing organization. SAML is a big heavy beast as you might expect from a committee.
So, I was very excited in January of 2005 to see LID. I set out to make my site compliant. I started by writing a server, as I needed a LID URL for testing. It quickly became apparent, though, that reusing an already-dynamic URL would require I modify existing request-handling code. At that time, I was using SnipSnap and the project was dormant and not very extensible, so sharing my work would require forking the codebase.
It is ridiculous, I concluded, that I should even have such a dilemma, why can’t I just reference the LID server URL from my published, friendly one? So I queried Johannes Ernst:
I find it a bit unwieldy to have the LID server acting as a filter for a URL otherwise served by other applications. I would like to understand why the spec doesn’t either postfix the URL (e.g. “http://www.example.com/~me/lid/”) or always begin the querystring with a parameter that can be used for filtering (e.g. ?lid&help=help”). (I don’t want to simply use http://phobia.com/lid/, as I think the re-use of web URLs is an appealing attribute of LID.)
He responded by pointing me to a rationalization of using your “real” URL which didn’t really answer my question, ignored my acknowledgement of same, and made it clear he just didn’t see why I might be annoyed that his spec basically asserts “we hereby claim a set of querystring parameters in the name of NetMesh!”
So, I just lost interest and decided to give the market more time to find a solution. A year later, and along comes OpenID, which has this to say about LID:
Assumes that identity URLs are dynamic documents that can handle fancy URL parameters. Not true in real life, which is key for adoption.
Amen, brother. The tremendous interest a decoupled approach has garnered has even convinced Johannes that even OpenID isn’t abstract enough, and we really need more redirection so everyone can still have their favorite spec. Whatever. I’ll be looking to comply with OpenID soon.
2 Comments
For example, Yadis — initiated by NetMesh and Six Apart/OpenID and taken up by the community around yadis.org — which puts both LID and OpenID under the same discovery umbrella (which has the “delegation” features you are asking for).
And that the NetMesh LID implementation (both downloadable code and hosted at myLID.net) now supports OpenID and Yadis. So among other things, it does what you are asking for.
Personally, I feel that Yadis is an unnecessary layer and is “too hard” to be widely adopted (as with Liberty or any number of RDF-based semantic web initiatives).
Don’t be too offended, though… I challenge because I care. LID and your Identity 2.0 talks woke the community up; we might be a year or more behind if you hadn’t woken everyone up.