[OpenID] OpenID, P2P and decentralization

Paul Madsen paulmadsen at rogers.com
Fri Mar 2 19:55:33 UTC 2007

Hi David, before you listed that email of mine, you asked yourself 'Has 
Paul made this identifier publicly available?' As I had, you felt it was 
safe to broadcast it.

But, who is to say that I want all of my OpenIDs publicized in the same 
fashion? I might use one only at a particular set of RPs or in a 
particular context. If I share such a contextual OpenID with yourself in 
order to represent some social connection between ourselve,  have I 
given up all rights with respect to what you do with it?

OpenID is an IDP discovery mechanism and a SSO protocol, it shouldn't 
dictate a particular privacy model.


Recordon, David wrote:
> Agreed, if you're using a public identifier then what is the harm.
> I'd also have no problem giving someone your email address,
> paulmadsen at rogers.com, since you've made it a public identifier by
> posting to publicly archived mailing list.  Same would apply for
> something like Ben Laurie's phone number since he posts it publicly at
> http://www.apache-ssl.org/ben.html.
> Now if you've shared an identifier with me which you don't use in a
> public fashion, then I would respect that and not share it.
> So same thing with an OpenID URL or iname.  If it is being used publicly
> http://davidrecordon.com or =kaliya then I don't see why it being
> referenced in a public fashion is a bad thing.
> --David
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Carl Howells
> Sent: Friday, March 02, 2007 11:37 AM
> To: Paul Madsen
> Cc: general at openid.net
> Subject: Re: [OpenID] OpenID, P2P and decentralization
> (Sorry for the double-email Paul, I forgot how this list is set up.)
> Because an OpenID isn't private information?  The whole *point* of the
> system is that it's a public-facing identifier.
> Carl
> Paul Madsen wrote:
>  > David, you wouldn't give out my email, my home address, my SIN, or my
> phone number without asking yourself whether I might object, why should
> an OpenID be different?
>  >
>  > paul
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

Paul Madsen             e:paulmadsen @ ntt-at.com
NTT                     p:613-482-0432

More information about the general mailing list