[OpenID] DotNetOpenAuth announces support of the Government profile of OpenID

SitG Admin sysadmin at shadowsinthegarden.com
Wed Sep 9 22:37:30 UTC 2009


>The profile is quite paranoid about not exposing any PII, and if the 
>user were allowed to enter anything, that might give away something 
>about the personal identity of the user.  So instead, RPs must use 
>the NASCAR OP button display, which means all authentications begin 
>with an OP identifier (thus no delegation).

It instantly struck me as an odd concern, this "paranoia" when 
forcing users to communicate through an OP that probably required a 
LOT of PII from the user (and may provide it to "the government" upon 
request). If your PII is in the chain, someone can trace back to you. 
(Vanity domains, to be fair, can be the same - and if you put bad 
information in the Owner field, you may have trouble proving your 
right to that domain, later on.)

Does the profile permit multi-user OPs to make assertions about 
users for whom they have NOT collected any PII?

-Shade

