[OpenID] [LIKELY_SPAM]Re: [LIKELY_SPAM]Re: Combining Google & Yahoo user experience research

[George Fletcher]

I think there are at least two use cases involving email addresses that 
can be easily confused...

1. Use the email address as an indicator or pointer to a valid OpenID as 
the email address is an identifier that the user currently remembers.
   - this is the use case that EAUT is targeting and, if I understood 
correctly, what Chris is discussing as well

2. Verify an email address for those RP's that want/need/require a 
"verified email address"
   - this is more about the RP getting a verified identity attribute
   - the expectation is that an OpenID based flow would allow a user who 
has to verify their email address to do it in "real time" rather than 
the async email method used today

I believe we need to keep these two use cases separate because the 
intentions/outcome is really quite different.

Thanks,
George

SitG Admin wrote:
>> I'd guess that a contributing factor here is that most OPs don't support
>> passing the email address via SREG.
>>     
>
> Since the discussion here seems to be about not only verifying E-mail 
> addresses, but using them in place of a URI, does it matter whether a 
> RP supports *receiving* an E-mail address via SREG?
>
> I don't want users' E-mail. I don't *need* users' E-mail. I don't 
> care. Is the requirement (that a user be able to receive E-mail at 
> their address) going to require me to be able to send them E-mail so 
> I can confirm their OpenID?
>
> -Shade
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
>