[OpenID] FW: PROPOSAL: An Extension to transform an EMail Address to an OpenId URL

David Fuelling sappenin at gmail.com
Fri Feb 9 16:20:24 UTC 2007

Cross-posting for those who don't subscribe to the specs list.  If possible,
let's discuss this on specs at openid.net.



> -----Original Message-----
> From: David Fuelling [mailto:sappenin at gmail.com]
> Sent: Friday, February 09, 2007 11:20 AM
> To: 'specs at openid.net'
> Subject: PROPOSAL: An Extension to transform an EMail Address to an OpenId
> Hey List,
> Here's a proposed openid *extension* I wrote up that details how to
> transform an SMTP Email Address into an OpenId URL that can be used in the
> existing OpenID Auth 2.0 protocol.
> --------
> 1.) Allows Users to login to an RP using an email address.
> 2.) Provides a flexible methodology for *domain owners* to tell RP's how
> to deal with an email address.
> 3.) Allows RP's to verify that a given OpenId URL owns a given email
> address, and can work even if the user performs Initiation via a URL (the
> latter requires OpenId Attribute Exchange (AX) in order for the RP to
> retrieve the email address).
> 4.) Assures privacy for users who choose not to use an email address as a
> User-Supplied Input at the RP -- The transform protocol is one-way
> (meaning an RP needs an email address first to discover a corresponding
> OpenId URL).  Using a Claimed Identifier to discover an email address is
> not guaranteed to work, and most likely will not work.
> I know there are some in the community who consider "letting the user use
> an email address to login to an RP" a bad idea -- however, I don't think
> this debate was ever fully resolved.  At any rate, this is why I am
> proposing this as an extension.  If an OP/RP doesn't want to use this,
> they don't have to.
> I appreciate any and all feedback!
> Thanks!
> David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070209/45f6fc10/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-email-transform-extension-1_0.xml
Type: text/xml
Size: 42823 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070209/45f6fc10/attachment-0002.bin>

More information about the general mailing list