[OpenID] E-mail verification is MultiAuth
SitG Admin
sysadmin at shadowsinthegarden.com
Fri May 1 05:42:54 UTC 2009

>If the host/OP that is responsible for proper identification cannot
>be considered responsible,

Sure it is - but, at the same time, we can't place all the power to
impersonate users into the hands of any one third party. Responsible,
yes; trusted, maybe; vulnerable, definitely. If (for example)
Facebook asserts that it can be trusted as OP to verify a user's
E-mail address (at another domain), we haven't solved any security
problems; we've only shifted their burden onto another host. It's
then *worse*, actually, because we double the exposure of those
credentials (attackers can compromise the E-mail provider *or* they
can compromise Facebook, either one will work), and also because
Facebook becomes the centralized repository of that authentication
measure, actually *removing* veto power from 3rd-party hosts that
might want to protest "Wait, this user isn't who they say they are!".
Aggregation is one of the *implications* of a user-centric (digital)
world: we deal with more spokes in a peer-to-peer environment than in
a server-terminals environment.

Re: misbehavior, I still think the "majority of OP's" requirement
would restrict the danger posed by lone misbehaving OP's - indeed,
the possibility of one or more of them "going rogue" was explicitly
acknowledged and specifically addressed in that proposal!

-Shade