3 Architectural Assumptions
We have found it is easiest to understand an architecture if it explicitly lists its assumptions; so here you are.
3.1 Fully decentralized, and no one point of control
The Internet is a big place, in which centralized control of any kind is very difficult or impossible. While the technology is quite simple in the case of ICANN, for example, the checkered history of ICANN can serve as the proverbial Exhibit A for this conjecture. On the reverse, where certain companies have been successful in establishing a technical or organizational choke hold on the Internet, innovation these days tends to route around that.
We believe any digital identity architecture must take these lessons learned and not introduce any additional centralized bottleneck, whether of a technical or of a governance nature, if there is a way of avoiding it. LID and OpenID have both demonstrated that this is possible.
3.2 Let many (interoperable) flowers bloom
We firmly believe that innovation is a good thing and want to enable people around the world to innovate upon this interoperable infrastructure, instead of declaring we have all the answers already and making ourselves the bottleneck for innovation.
We believe that digital identity technologies today are only the tip of the iceberg, and, while growing, the market is only embryonic today. For example, so far we have seen little public debate on the merits and issues of personal digital identity technologies; we can bet that such a debate will occur and that it will have substantial impact on what technologies will be broadly accepted and which won't. So we feel it is paramount to let people with good ideas plant new flowers and let those flowers bloom. While there may be a point that a single identity system reaches critical mass on its own, providing a foundation for interoperability will only decrease the amount of time before the general public understands and uses digital identity systems.
Yadis supports the introduction of new services by anybody, while providing enough of a foundation to support interoperability.
3.3 URLs as identifiers
It is a natural expectation of (non-technical) users that that they can employ search engines such as Google to find people, e.g. by searching for the first and last name of the person, company name etc.
Today, search engines most likely find a person's blog or home page (if they have one) first. Therefore, we believe using URLs (such as blog or homepage URLs) as identifiers for people is A Good Thing.
It is possible to extend the Yadis architecture to work with non-URL identifiers as well.
This draft begins the work of integration with XRIs / i-names. We intend to integrate with other, non-URL-based personal digital identity technologies. We do however feel that reaching critical mass will be obtained first upon the assumption of the use of URLs as personal identifiers.
3.4 RESTful and easy to use for developers
Digital identity technologies can only live up to their full potential if it is really easy for developers of all kinds – from hobbyists running, say, a PTA's discussion board, through open source projects to large commercial firms – to identity-enable their projects. Thus it is paramount to make and keep Yadis as simple as possible.
For example, Yadis does not require SOAP or a web services stack.
LID and OpenID implementations exist already in many common programming environments (e.g. PHP, Perl, Java) and can be incorporated easily into existing applications. See Yadis Implementations for more information.