[OpenID] [LIKELY_SPAM]Re: [LIKELY_SPAM]Re: Combining Google & Yahoo user experience research
David Fuelling
sappenin at gmail.com
Thu Oct 30 04:39:29 UTC 2008
On Mon, Oct 27, 2008 at 4:30 PM, George Fletcher <gffletch at aol.com> wrote:
>> Once you've got a discovery mechanism for email, you can do OpenID
>> Authentication on email addresses. At that point -- assuming you're
>> willing to trust the domain in question -- you have in-band email>>
address verification.
>Yes, this is the expectation. The only difference with this an EAUT is
> that EAUT allows the resulting OpenID to not be owned by the email
> domain provider. In the case of "email verification" this additional
> level of indirection isn't really valuable.
Sounds like you're saying EAUT can't be used to do email verification.
I wrote a blog entry on how it very much can. See here for more details:
http://softwareblog.sappenin.com/2008/10/automatic-email-address-control.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20081030/2f7e115d/attachment-0002.htm>
More information about the general
mailing list