<div class="gmail_quote">On Tue, Oct 21, 2008 at 7:25 PM, Allen Tom <span dir="ltr"><<a href="mailto:atom@yahoo-inc.com">atom@yahoo-inc.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div bgcolor="#ffffff" text="#000000"><div class="Ih2E3d"><br></div>
I do think that it would be pretty straightforward to just chop off
everything after the @, and perform discovery on the domain of the
email address. <br></div><br></blockquote></div>+1. I don't think that, in the case of an email address provided as an identifier that the email address provided should be considered. Instead, it's all about resolving the identifier at the email domain. <a href="mailto:factoryjoe@aol.com">factoryjoe@aol.com</a> simply becomes <a href="http://aol.com">aol.com</a> and discovery is completed there.<div>
<br></div><div>The RP should probably also discard the provided email address and rely on the identifier returned by the OP (hence the "relying" in "relying party").</div><div><br></div><div>There's a simple rational for this. I may have several email addresses or identifiers associated with my account, but use entirely different credentials to sign in to the service. It may also be the case that the course of doing the OpenID dance, I may choose a certain persona to return to the RP. For example:</div>
<div><br></div><div>1. Enter <a href="mailto:factoryjoe@aol.com">factoryjoe@aol.com</a>. Return claimed identifier <a href="http://openid.aol.com/factoryjoe">openid.aol.com/factoryjoe</a>.</div><div>2. Enter <a href="mailto:factoryjoe@aol.com">factoryjoe@aol.com</a>. Return claimed identifier <a href="http://openid.aol.com/factoryjoe/otherpersona">openid.aol.com/factoryjoe/otherpersona</a>.</div>
<div><br></div><div>The RP should treat an email address according to the identifier select model, and only consider the domain.</div><div><br></div><div>Chris<br clear="all"><br>-- <br>Chris Messina<br>Citizen-Participant &<br>
Open Technology Advocate-at-Large<br><a href="http://factoryjoe.com">factoryjoe.com</a> # <a href="http://diso-project.org">diso-project.org</a><br><a href="http://citizenagency.com">citizenagency.com</a> # <a href="http://vidoop.com">vidoop.com</a><br>
This email is: [ ] bloggable [X] ask first [ ] private<br>
</div>