Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's existed since 1988: LDAP/X.500[1] It's just not used globally because of three reasons, as far as I can tell,

1) most people don't want their information public and searchable to that extent

2) most orgs _want_ to silo you in or otherwise control your account

3) the org using x500 still needs to have their own permissions separate from the central directory, which is the harder part of auth[nz], so just rolling your own authn is often easier.

[1] https://en.wikipedia.org/wiki/X.500



Ah yes, and Shibboleth is another I should've thought of in earlier comment.

I think you're absolutely right in particular with #2.

But if it had come originally, alongside DNS, 'everything has an address, everyone has an identity', it might've been an unquestionable fact of the internet.

Orgs can't silo you in to their alternate net where they have a more desirable domain name, because it's just not practical or user friendly.

I just think it might have been so for user identity.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: