[OpenID] Email as Identity
Paul Austin
mail-lists at revolsys.com
Mon Mar 24 18:25:22 UTC 2008
There is obviously a balance between protecting privacy of information
and making it easy for the average person to remember their login account.
I can definitely see why in some cases you would not want to give your
email to some websites, although websites may still ask you for your
email address as is common with a lot of forum and social networking
type web sites.
The other thing to consider which one of the following would protect
your privacy better?
me at gmail.com
or
http://openid.gmail.com/me
What this example shows is that if you base a url based id on the email
user name then someone who knows that pattern already has your email.
Anyway, I'm sure this has been debated to death so I'm going to not
continue the debate any further and wait and see what comes out in the
future.
Cheers,
Paul
Nat Sakimura wrote:
> Besides, now that we can just enter mydomain.com
> <http://login.mydomain.com/?email=me@mydomain.com> to the RP, why
> would you want to leak your physical contact address such as email?
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080324/3924d6b9/attachment-0002.htm>
More information about the general
mailing list