[OpenID] OpenID consumers should make it clear if they are going to publish a user's OpenID
Johnny Bufu
johnny at sxip.com
Tue May 15 01:21:15 UTC 2007
On 14-May-07, at 8:07 AM, Dave Kearns wrote:
> From: Martin Atkins
>>
>> Im afraid that my view on this problem has always been that if you
>> don't
>> want to be correlated, you should use a different identifier. The
>> beauty
>> of OpenID is that you don't have one identifier for many sites, or
>> one
>> identifier for one site... you have many identifiers for many
>> sites. You
>> can use the same single identifier for all sites, or you could use a
>> different identifier for each site, or a combination of the two.
>>
>
> What's the point of using different OpenID identifiers at different
> sites?
So that the sites (RPs) do not correlate your identities.
> Where's the benefit? What's the gain? Why not simply use the
> username/password option the site already offers instead of
> introducing
> needless complexity???
Your OP will manage all those identities, so you still get the
benefit of using only one (set of) authentication credential(s) to
login at all sites, and not be correlated by them.
Johnny
More information about the general
mailing list