[OpenID] email address retrieval

[Nicolas Holzapfel]

2009/7/8 SitG Admin <sysadmin at shadowsinthegarden.com>

>  >>What if I don't want the *OP* to know my E-mail address, but I'm fine
> with *you* knowing it?
> >
> >The user is free to set up an email address and password with my site and
> not use an OP for logging in.
>
> I'm confused. It sounded at first like you just needed that information for
> notification purposes, but now it looks like you also (sometimes) use it for
> login purposes.
>

To clarify: an email address is not needed for registered purposes if the
using an OP for logging in.


>
> So, then, my options with your site are to either share my address with my
> OP, or to just not use OpenID at all? That, frankly, sucks ;)
>
>
> >Yes that was what I was uncertain about. I checked the Facebook Connect sample
> application <http://www.somethingtoputhere.com/therunaround/> and that is
> how it* appears* to work. Do certain OPs withold email addresses and
> certain OPs make them available?
>
> It's possible. The question for your site, I think, should be whether you
> are going to tell the user "We are sorry, but your OP (does not know / would
> not reveal) your E-mail address, so therefore we are not even going to give
> you a place to enter that information."
>
> I suggest planning for use-cases where the user wants to use OpenID *and*
> give you information that their OP is not privilege to.
>

Yep, you're right. I hadn't thought things through properly. Thanks for the
feedback.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090708/8f8e2e79/attachment.htm>