[OpenID] About Facebook, MySpace and OpenID
SitG Admin
sysadmin at shadowsinthegarden.com
Sun Apr 5 03:48:13 UTC 2009
>With Google, the user can't opt-out of sending the email address.
>Either Google totally ignores the email request because it's in
>if_available, or the RP puts it in 'required', and then Google won't
>complete auth at all without the user's consent to include the email.
So the RP would need to have some way of offering the user this
option before they left to go authenticate, increasing the work Gmail
users must do just to leave a comment. We could (with only a tiny bit
of work) intelligently respond to this for Gmail users only, but
without ways of identifying these ahead of time we'd have to present
the user with an extra page once we recognized a Gmail URI, instead
of sending them directly to their OP; this would, unless Gmail users
were the majority of our OpenID commenters, be necessary to *avoid*
confusing non-Gmail users, since we wouldn't want to put that option
in our primary interface where, for most, it wouldn't matter. (Users
with Gmail and at least one other OP might be discouraged from using
Google as their OP, for that reason.)
-Shade
More information about the general
mailing list