[OpenID] Migrating User Identifier URL re: Connect

Peter Watkins peterw at tux.org
Sun May 30 02:28:50 UTC 2010


On Sat, May 29, 2010 at 08:47:21PM -0400, John Bradley wrote:

> RPs can and do  link multiple ID to a single account.

But only with custom code. Put this in the spec and it's likely
to be included in popular code libraries (even if it's not a
requirement), which will make it easier for RPs to add linking,
and likely make the linking more secure.

> You want some sort of automatic account linking hint for a RP so that if it supports that it can add other claimed_id to your account?

I don't know what you mean by automatic. There's a privacy angle to
linking, so this ought to be an action that is requested by the
end user.

> That is probably doable.
> 
> I don't know that we can require RP to support account linking.   

I don't think you should. Spec how it MAY be done and let implementors
decide whether to support it or not. While I'd love to see this, I don't
think it's important enough to make it more difficult to comply with
the spec.

> I suspect with connect they will probably wan't to have access to more of your social graph,  so will be encouraged to support it.

> On 2010-05-29, at 2:54 PM, Peter Watkins wrote:

> > If you're going to formalize identity migration, please consider extending
> > it to handle "identity linkage". Users might want to tell an RP to treat
> > two different identities as identical for a number of reasons, including
> > migration.



More information about the specs mailing list