[OpenID] "Nightmare" article on OpenID
Tatsuo Kudo
tatsuo.kudo at gmail.com
Thu Nov 18 06:03:33 UTC 2010
On 2010/11/18, at 9:55, John Bradley <ve7jtb at ve7jtb.com> wrote:
> The value of openid.realm is used to determine the value of the persistent userID returned by Google.
>
> There is a PAPE parameter that can trigger the same behaviour in other OP where the RP doesn't want a correlatable identifier (some Gov sites ).
>
> Google is the only OP that is currently doing that by default, that I know of.
AFAIK, NTT ID Login Service and docomo ID are also doing the realm based user identifier by default.
Tatsuo.
>
> I know that you can now use a custom openID URL, but that requires the user to rebind their account at the RP.
>
> The topic of identifier migration has been discussed quite a bit recently.
>
> John B.
> On 2010-11-17, at 9:01 PM, Bill Shupp wrote:
>
>> http://blog.wekeroad.com/thoughts/open-id-is-a-party-that-happened
>>
>> I'm curious about the claim that Google's unique identifiers changed, and he lost access to his users. Does anyone know if there's anything to that? I thought that was bound to the realm or return_to parameter.
>>
>> Cheers,
>>
>> Bill
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-general
>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20101118/978017cc/attachment.html>
More information about the general
mailing list