[OpenID] Migrating User Identifier URL re: Connect
Peter Watkins
peterw at tux.org
Sun May 30 02:28:50 UTC 2010
On Sat, May 29, 2010 at 08:47:21PM -0400, John Bradley wrote:
> RPs can and do link multiple ID to a single account.
But only with custom code. Put this in the spec and it's likely
to be included in popular code libraries (even if it's not a
requirement), which will make it easier for RPs to add linking,
and likely make the linking more secure.
> You want some sort of automatic account linking hint for a RP so that if it supports that it can add other claimed_id to your account?
I don't know what you mean by automatic. There's a privacy angle to
linking, so this ought to be an action that is requested by the
end user.
> That is probably doable.
>
> I don't know that we can require RP to support account linking.
I don't think you should. Spec how it MAY be done and let implementors
decide whether to support it or not. While I'd love to see this, I don't
think it's important enough to make it more difficult to comply with
the spec.
> I suspect with connect they will probably wan't to have access to more of your social graph, so will be encouraged to support it.
> On 2010-05-29, at 2:54 PM, Peter Watkins wrote:
> > If you're going to formalize identity migration, please consider extending
> > it to handle "identity linkage". Users might want to tell an RP to treat
> > two different identities as identical for a number of reasons, including
> > migration.
More information about the specs
mailing list