[OpenID] About Facebook, MySpace and OpenID

Eric Norman ejnorman at doit.wisc.edu
Fri Apr 3 17:25:50 UTC 2009


On Apr 3, 2009, at 11:33 AM, Brian Kissel wrote:

> If all OPs would pass a verified email address (with end user consent) 
> I believe all RPs would certainly prefer it.

Why would an RP consider an email address verified if it is supplied
by an OP that is controlled by the user?  Do you really expect an RP
to consider an email address verified based on nothing more than the
user's say-so?


Eric Norman




More information about the general mailing list