[PROPOSAL] Handle "http://user at example.com" Style Identifiers
Martin Atkins
mart at degeneration.co.uk
Thu Nov 9 22:36:08 UTC 2006
David Fuelling wrote:
>
> I guess your suggestion (see your msg below) deals with a sub-topic of the
> whole "should email be allowed in the OpenId login form" debate, which is
> this:
>
Sometimes these things will be character-for-character identical to a
given email address by coincidence, but there's no way to enforce this
nor any guarantee that the user controlling http://blah@example.com/ is
the same user that controls mailto:blah at example.com.
Therefore I think calling these "identifiers with at signs in them"
email addresses is a mistake.
However, AOL can use http://username@aol.com/ so that their users are
able to enter their identifier. AOL can even call those things email
addresses if they want, because in AOL's namespace they are (presumably)
guaranteed to match. But neither the OpenID Spec nor marketing materials
should start running around saying "look! we accept email addresses
too!" as that's just going to cause confusion.
More information about the general
mailing list