[OpenID] OpenID consumers should make it clear if they are going to publish a user's OpenID
David Fuelling
sappenin at gmail.com
Mon May 14 16:03:04 UTC 2007
+1. If you don't want to be correlated, use a different OpenId. Your
OpenId provider should be able to provide you with more than one. I think
this discussion should be more directed at how the OP can help us avoid the
problem of correlation, rather than the RP.
david
On 5/14/07, Martin Atkins <mart at degeneration.co.uk> wrote:
>
> Simon Willison wrote:
> > One of the benefits of OpenID is that it lets accounts on different
> > sites be linked together. This has plenty of exciting implications,
> > but also introduces new privacy concerns. If a site publishes a user's
> > OpenID anywhere it is enabling cross-site correlation whether or not
> > the user (or site) wants it to happen.
> >
>
> Im afraid that my view on this problem has always been that if you don't
> want to be correlated, you should use a different identifier. The beauty
> of OpenID is that you don't have one identifier for many sites, or one
> identifier for one site... you have many identifiers for many sites. You
> can use the same single identifier for all sites, or you could use a
> different identifier for each site, or a combination of the two.
>
> This is already possible today. It's even easier with the help of
> "directed identity".
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070514/26e5ce46/attachment-0002.htm>
More information about the general
mailing list