[OpenID] Identity-less OpenID
Breno de Medeiros
breno at google.com
Thu May 7 21:47:05 UTC 2009
Our recently introduced new UI remove reference to 'sign in' when
other attributes are requested (e.g., email). We did it on purpose to
make it more general in application.
You can now achieve the same result by sending a traditional OpenID +
AX request to the Google OP and saving the email address.
On Thu, May 7, 2009 at 2:41 PM, Andrew Arnott <andrewarnott at gmail.com> wrote:
> I don't think the two parties have to come to any agreement for it to
> be useful. Take the Google OP for example. An RP could skip the email
> verification step if a user enters a gmail address by sending an AX
> request to Google. This hypothetical RP doesn't want google's claimed
> identifier for this user--just the email. This RP trusts Google and if
> Google sends the same email back in the AX response then the email is
> verified.
--
--Breno
+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)
More information about the general
mailing list