No subject


Wed Nov 8 02:06:45 UTC 2006


a little bit of skin in the game of federated identification and has implemented
an e-mail based SSO system, I am a little bit surprised that OpenID does
not have a mapping to e-mail.  E-mail authentication is trivial to do: e-mail
a capability key to the address, encrypted with the public key for that e-mail
address if one is available, and holding that key means access to the e-mail
address.  I have imagined altering my SSO to allow OpenID identities as
well, except that software built on my SSO expects working e-mail addresses,
and the ability to send e-mails to them and have those e-mails eventually
get to the eyes (or equivalent, in case of blind users or robots etc.)
of the user in question.

URLs for blogs often have feedback mechanisms in them somewhere, but there
is no standard for that.

What would make sense from my point of view would be a way, not to represent
an e-mail address as a hypertext URL, but a way to create a valid e-mail address
out of an authenticated URL identity.  This could be an optional part of the
OpenID standard; something like when I have authenticated as the person
responsible for http://davidnicol.blogs.tipjar.com/blog1.html, an e-mail
addressed to something ugly, like
"openid-blog1.html at openid-smtp.davidnicol.blogs.tipjar.com" would reach me.

Participating blog providers would be responsible for mapping whatever gets
to those inboxes into whatever comment approval queues exist already, modulo
issues (many still unsolved or at least not solved in a standard way) of e-mail
sender authentication of course.

Yes, setting that up would be complex, but it would not require
centralization, and the authentication client package could have a flag
in it indicating if the mapping is valid.

-- 
perl -le'1while(1x++$_)=~/^(11+)\1+$/||print'
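
The capability-key check described in the message, as an added example that is not part of the original post or of the author's SSO: a random key is issued for an address, only its hash is kept, and presenting it back proves access to that inbox. The class name, the 15-minute lifetime and the sample address are assumptions; sending the mail and the optional public-key encryption are not shown.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 15 * 60  # assumed lifetime of a mailed key


class EmailCapabilityStore:
    """Issues one-time capability keys and checks them when presented back."""

    def __init__(self, now=time.time):
        self._now = now        # injectable clock, so expiry can be tested
        self._pending = {}     # address -> (sha256 of key, expiry timestamp)

    def issue(self, address):
        """Return a fresh key to mail to `address`; replaces any earlier key."""
        key = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(key.encode()).digest()
        # Lower-casing the whole address is a simplification for this example.
        self._pending[address.lower()] = (digest, self._now() + TTL_SECONDS)
        return key

    def redeem(self, address, presented_key):
        """True only for the unexpired key last issued to `address`, once."""
        addr = address.lower()
        entry = self._pending.get(addr)
        if entry is None:
            return False
        digest, expiry = entry
        if self._now() > expiry:
            del self._pending[addr]      # expired keys are discarded
            return False
        presented = hashlib.sha256(presented_key.encode()).digest()
        if not hmac.compare_digest(digest, presented):  # constant-time compare
            return False
        del self._pending[addr]          # single use: a replay fails
        return True


if __name__ == "__main__":
    store = EmailCapabilityStore()
    key = store.issue("user@example.org")          # constructed sample address
    print(store.redeem("user@example.org", key))   # first presentation
    print(store.redeem("user@example.org", key))   # replay of the same key
```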

