[OpenID] About Facebook, MySpace and OpenID

Allen Tom atom at yahoo-inc.com
Mon Apr 6 23:42:03 UTC 2009

Rabbit wrote:
> What are the most common reasons an RP needs to contact a user?
> * Account recovery mechanism
> * Internal service updates (new features, feature functionality 
> changed, newsletter)
> * Service activity updates (your friend posted new content)
> * more?
If these are the only use cases for RPs to require a user's email 
address, then giving the RP an anonymous email address that forwards 
messages to the user's real mailbox (aka Craigslist style) would be 

If the user needs to communicate with the RP out-of-band, then the user 
will need to know his OpenID, which isn't the case for most Yahoo and 
Google users. In this case, the user needs to be able to tell the RP his 
identifier, and the email address is most likely identifier that the 
user will know about.

Users who want to connect with their friends on social networking sites 
will need to know the OpenIDs of their friends. This probably would work 
for MySpace users, but searching based on email address is still 
probably the most common way to find friends on new sites.


More information about the general mailing list