[OpenID] Correlating Identifiers (was: OpenID based on email addresses... Just Works!)
Ben Laurie
benl at google.com
Mon Nov 3 08:20:05 UTC 2008
On Sun, Nov 2, 2008 at 9:42 PM, Nate Klingenstein <ndk at internet2.edu> wrote:
> Nat,
> I agree, and I'm glad you highlighted this. Privacy also pertains strongly
> to other attributes. I think consistent use of AX as a transport protocol
> makes it much easier for sites to give proper privacy options to users.
> Separately, persistent opaque identifiers are a really good thing,
> especially when unique to a particular RP/SP. When Yahoo first made the
> decision to use them as the default in their implementation, I was worried
> that most of their applications, users, and developers would be baffled, and
> didn't know why they weren't targeted. I wonder if Allen has any new words
> of wisdom to share now that he has experience with them in practice.
I should point out that Google also use them.
> Take care,
> Nate.
>
> Now, IMHO, privacy advocates have much to say on this: correlations.
> So, we should tread carefully in this area, though.
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>
More information about the general
mailing list