Scroll down for English.
This is my talk in MozTW gathering at Kaohsiung today: Google Apps Account as OpenID, or, OpenID-ize your domain with Google Apps.
Slides are also available in zh-TW.
I was playing around with OpenID recently. I found that
are actually two distinct OpenID identifies. First I thought it was a flaw in the implementation library, however after checking URL normalization rules in OpenID specification, and RFC 3986 it referred to, I realized that people who write the specs has never consider the trailing dot in domain names; they think people should just leave the hostname as-is, without adding nor striping the dot.
Yes, they are indeed different as described in RFC 1034: The trailing dot represent the DNS root, indicated that hostname specified is a complete full qualified domain name (FQDN); the other being an incomplete one, where local software (e.g. OS-level DNS service) can try to complete it with knowledge of the local domain (e.g. primary DNS suffix). Yet for a URL that identifies people (“OpenID”, dah!), I think it’s strange to accept an incomplete domain name – nor indicate in the spec that an incomplete domain name (by definition of RFC 1034) should be treated as a FQDN.
Maybe future spec or RFCs should address this issue.
See also: Trailing Dots in Domain Names