[OpenID] PR: OpenID.co.uk - "MobileNumber.OpenID.co.uk" as URI

Chris Messina chris.messina at gmail.com
Thu Feb 8 01:28:06 UTC 2007 

For exchanging info, check out hcard/vcard and the other Attribute
Exchange spec.

Chris

On 2/7/07, Mark Cross <sites at thirdvisit.co.uk> wrote:
> Allen,
>
> hmm this is great feedback as UK cell phone numbers don't "presently" get
> recycled, so I have been blindsided by my location!
> With regards to transfer, I think there should be an agreement on standards
> to exchange profile information between OP's.
>
> Cheers Mark
>   ----- Original Message -----
>   From: Allen Tom
>   To: Mark Cross ;
>   Sent: Wednesday, February 07, 2007 10:18 PM
>   Subject: Re: [OpenID] PR: OpenID.co.uk - "MobileNumber.OpenID.co.uk" as
> URI
>
>
>   Hi Mark,
>
>   It is fine to give people the choice to use their phone number as their
> OpenID, however I do believe that it is an OP's duty and responsibility to
> inform their users as to why this might not be a good idea. This applies not
> only to phone numbers, but also to email and IM based IDs.
>
>   While phone numbers and other personal contact information are already
> posted on the net, ]users are usually able to control whether or not it is
> displayed, and to whom it displayed to.  The new twist with OpenID is that a
> someone may signin to an RP using their phone based OpenID, later regret the
> decision, and might not have a way to delete or hide their contact info.
>
>   A completely different issue regarding phone based OpenIDs is that phone
> numbers are often recycled. Is the OP supposed to periodically verify that
> the user still owns the claimed phone number? What happens if the phone
> number changes ownership? Is the OP required to hand over the OpenID to the
> new owner? If so, is the original owner locked out of all the sites that
> where he used his OpenID?
>
>   I do believe that the OpenID community should develop standard guidelines
> and best practices regarding OpenIDs and privacy, as well as address the ID
> recycling issue (as this is not limited to phone numbers). These questions
> are bound to come up if mass adoption is ever seriously considered, and it
> would be beneficial to the entire community if we have consensus on the the
> answers before the lawyers come asking.
>
>   Allen
>
>
>   Mark Cross wrote:
> Dear Allen,
>
> I agree with nearly all your arguements here and perhaps I need to think on
> but:
>
> - Nobody is forcing you to use your mobile - it's your choice (& just my
> idea)
> - We have phone numbers on net anyway, so what's the difference from a
> harvesting POV?
>
> Thank you for your feedback,
>
> Mark
>
> ----- Original Message -----
> From: "Allen Tom" <atom at yahoo-inc.com>
> To: "Chris Messina" <chris.messina at gmail.com>; <sites at thirdvisit.co.uk>;
> <general at openid.net>
> Sent: Wednesday, February 07, 2007 8:47 PM
> Subject: Re: [OpenID] PR: OpenID.co.uk - "MobileNumber.OpenID.co.uk" as URI
>
>
>   I really believe that it is not a good idea to encourage people to use
> personal contact infomation as their OpenIDs, which applies to both phone
> number and email/IM based IDs. The reason is that spammers and griefers
> will make life unbearable for people using these IDs.
>
> The user's OpenID will invariably be displayed at many RPs, and if the
> user's contact information could be easily determined by the OpenID, it
> would just be a matter of time before OpenID gets a bad rep for attracting
> spam, and everyone switches back to disposable IDs again, or abandons
> OpenID altogether.
>
> This is the same argument as to why it is not a good idea to post your
> email address, IM screenname, or phone number online, especially if its on
> some random RP that you're not all that familar with.
>
> For OpenID to succeed, it is very important that the early adopters think
> very carefully about these issues, or else OpenID could develop a poor
> reputation,  preventing its widespread adoption.
>
> Allen
>
>
>
> Chris Messina wrote:
>     Perhaps the better way to think about this is as a personal OpenID
> alias? So rather than publishing it all over the place, an iDP might
> offer "phone number aliasing" to help people remember their openids...
> So say I sign up on JanRain and add my phone number -- which is
> confirmed by SMS or callback code system... Perhaps I could then use
> [phonenumber].myopenid.com to login... Just a thought.
>
> Chris
>
> On 2/7/07, Allen Tom <atom at yahoo-inc.com> wrote:
>       Hi Mark,
>
> Exposing one's phone number might not be a good idea for everyone, as
> griefers and stalkers would have an easy way to harass people who had
> phone number based IDs.
>
> Also, what happens if and when a phone number is recycled?
>
> Allen
>
>
> sites at thirdvisit.co.uk wrote:
>         Hi,
>
> Shameless plug:
>
> http://www.openid.co.uk
>
> Please visit and digg if you like it!
>
> Cheers Mark
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>           _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>


-- 
Chris Messina
Citizen Provocateur &
  Open Source Ambassador-at-Large
Work: http://citizenagency.com
Blog: http://factoryjoe.com/blog
Cell: 412 225-1051
Skype: factoryjoe
This email is:   [ ] bloggable    [X] ask first   [ ] private

More information about the general mailing list