[OpenID] Migrating User Identifier URL re: Connect
SitG Admin
sysadmin at shadowsinthegarden.com
Sat May 29 19:56:12 UTC 2010
>migration. For instance, I might want to link a Yahoo and Google identity
>if I feared that one of those companies might shut down operation in my
>country, or if I planned to travel to some country where one of those OPs
>was likely to be unreachable.
It sounds like there are two similar use-cases here: one where the
user wants resilience (in case either of their providers shuts down),
and one where the user needs to have another OP *temporarily* be
counted as a legitimate alternative.
In the first case, if they can anticipate which OP is in imminent
danger of going down (or being compromised), they will want to make
sure that the old account cannot remove the new account; however,
they *do* want to make sure that the new account cannot be prevented
from removing the *old* account. (Single login would mean a
compromised OP could keep the backdoor open forever; MultiAuth would
mean a compromised OP could lock the user out of their account
indefinitely.)
In the second case, the user will not want that secondary OP
continuing to work after their vacation, due to the lockout and
backdoor issues described above.
Keeping track of which OP has what authority, and under what
circumstances, could get complicated. (For humans. The code is easy.)
-Shade
More information about the general
mailing list