[OpenID] Correlating Identifiers

Thu Nov 6 10:06:36 UTC 2008

Hi!

On Thu, Nov 6, 2008 at 1:06 AM, Allen Tom <atom at yahoo-inc.com> wrote:
> Hi Nate -
>
> By default, Yahoo users get a single machine generated OpenID identifier
> which is used at all RPs that the user signs into. Because the identifier is
> not unique to the RP, the user can be identified across multiple sites.
>
> Prior to launching our OpenID service, Yahoo's policy with our proprietary
> SSO service was to issue RP-specific identifiers to prevent RPs from sharing
> data about the user and correlating user behavior across different sites.
>
> Based on our discussions with the OpenID community, we concluded that the
> spirit of OpenID is to allow a user to reuse the same identity across the
> net, which implied that we should not vary the identifier that is returned
> to RPs. We believe that there is value in having an identifier with a
> reputation attached to it, and that in the future, RPs may be able to take
> the user's reputation into account to optimize the content and services
> given to first time visitors.

We had this discussion quite a bit on the DataPortability chat a while
back and I wonder if that's really working for everybody as maybe some
people don't want to be aggregated into a single identity. I might
want a different profile on different sites and those sites not to be
able to aggregate it. So basically let the user decide.

But then again it depends on your provider if you can e.g. use
"yahoo.com" and not some personal identifier which then the site would
have anyway. So maybe this problem is one step before OpenID and some
service could allow you to attach different OpenIDs to the same set of
profiles you usually choose from (so the data for you at least is
still aggregated and centrally editable).

Just a thought.

-- Christian

-- 
Christian Scholz
Tao Takashi (Second Life name)
taotakashi at gmail.com
Blog/Podcast: http://mrtopf.de/blog

Company: http://comlounge.net
Tech Video Blog: http://comlounge.tv
IRC: MrTopf/Tao_T