[OpenID] My 2 Cents to the OpenID foundation

Hans Granqvist hans at granqvist.com
Thu Apr 2 15:50:04 UTC 2009

> URIs doesn't exclude email addresses.

The 2.0 spec was written with complete disregard for email and clearly states
that an identifier is either a "http" or "https" URI

The fact that you can cram an email into a URL by abusing the initial
username/password-in-the-URL intent doesn't change a thing. It is
just a lucky co-incidence.

I think we need to admit this mistake and move on instead of revising history.


More information about the general mailing list