[OpenID] Recycling OpenIDs (Was: What's broken in OpenID 2.0? (IIW session))

[Dmitry Shechtman]

>
> As far as I can remember, I did not agree to a Terms of Service (ToS)
> with AOL when I started to use my AOL ScreenName as my OpenID.


You did agree to AOL's ToS when you started using AOL screenname. You
probably also agreed to AOL's changing the ToS without notifying you and to
agree with every change. If those ToS don't contain an OpenID recycling
clause, that's AOL's problem (which is probably being fixed as we
correspond).

Again, these are issues that may at first seem irrelevant edge cases,
> but they really can get thorny once OpenID is used for non-trivial
> applications.


Quite the contrary, those are highly relevant, and we're on it! One solution
would be to simply stop recycling. Another one would be using email
hashes...


Regards,
Dmitry
=damnian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070514/4bcb950a/attachment-0002.htm>