Using email address as OpenID identifier

Martin Atkins mart at degeneration.co.uk
Mon Apr 7 17:56:57 UTC 2008 

Paul E. Jones wrote:
> 
> Perhaps it is important to say, though, that I do not think it requires 
> the e-mail providers to get on board with this (in my view) simpler 
> notation.  I could use an ID like paulej at myopenid.com and that should 
> work, if myopenid.com would publish the appropriate NAPTR record.  I 
> could also insert NAPTR records into the packetizer.com DNS server that 
> would allow me to use my email address, but point at my preferred OpenID 
> provider.  In short, just because the user at domain syntax is used does 
> not mean that it necessarily an e-mail address: it could be, but more 
> importantly, it just follows that familiar format documented in RFC 822.
> 

Funnily enough, I've always percieved the fact that syntactically-valid 
but non-existant email addresses are being used as identifiers as a 
problem rather than a benefit:

  * It creates confusion for users when something looks like an email 
address but it doesn't behave as one. I've seen this sort of confusion 
with Jabber servers, where users get confused that their Jabber ID and 
email address are not the same, especially when Jabber clients say "For 
example, user at example.com" under the Jabber ID field.

  * If not all email-shaped OpenID identifiers are actually working 
mailboxes, it's likely to lead to a distressing user experience where 
the user is first asked to enter their OpenID identifier -- that is, 
their email address -- and then they're asked to enter and verify their 
email address. At this point, I expect users to at best say "Stupid 
computer! Remember what I've told you!" and at worst get confused and 
think that the OpenID identifier they entered was not correct.

  * As has often been raised in both the OpenID-with-email and in the 
Jabber circles, many people are reluctant to give up their email 
addresses to the public eye for fear of spam. Note that Yahoo.com will, 
by default, use a big opaque string as an identifier rather than the 
user's Yahoo! account name for this very reason.

More information about the specs mailing list