<div>+1</div>
<div> </div>
<div>I was just writing the same thing... </div>
<div> </div>
<div>=nat<br><br></div>
<div class="gmail_quote">On Thu, Oct 30, 2008 at 12:10 AM, Drummond Reed <span dir="ltr"><<a href="mailto:drummond.reed@cordance.net">drummond.reed@cordance.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div lang="EN-US" bgcolor="white" vlink="blue" link="blue">
<div>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">If there were a clean way for the RP to pass the "display identifier" and let the OP return both that and a safe, persistent identifier as the claimed identity (either a hash URL or an XRI i-number), it would solve many usability problems.</span></font></p>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"> </span></font></p>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial">=Drummond </span></font></p>
<p><font face="Arial" color="navy" size="2"><span style="FONT-SIZE: 10pt; COLOR: navy; FONT-FAMILY: Arial"> </span></font></p>
<div style="BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: blue 1.5pt solid; PADDING-TOP: 0in; BORDER-BOTTOM: medium none">
<div>
<div style="TEXT-ALIGN: center" align="center"><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">
<hr align="center" width="100%" size="2">
</span></font></div>
<p><b><font face="Tahoma" size="2"><span style="FONT-WEIGHT: bold; FONT-SIZE: 10pt; FONT-FAMILY: Tahoma">From:</span></font></b><font face="Tahoma" size="2"><span style="FONT-SIZE: 10pt; FONT-FAMILY: Tahoma"> <a href="mailto:general-bounces@openid.net" target="_blank">general-bounces@openid.net</a> [mailto:<a href="mailto:general-bounces@openid.net" target="_blank">general-bounces@openid.net</a>] <b><span style="FONT-WEIGHT: bold">On Behalf Of </span></b>David Recordon<br>
<b><span style="FONT-WEIGHT: bold">Sent:</span></b> Wednesday, October 29, 2008 7:48 AM<br><b><span style="FONT-WEIGHT: bold">To:</span></b> Andrew Arnott<br><b><span style="FONT-WEIGHT: bold">Cc:</span></b> OpenID List<br>
<b><span style="FONT-WEIGHT: bold">Subject:</span></b> Re: [OpenID] OpenID based on email addresses... Just Works!</span></font></p></div>
<div>
<div></div>
<div class="Wj3C7c">
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p>
<div>
<p style="MARGIN-BOTTOM: 12pt"><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">Yeah, I think this general approach with the addition of knowing it is an email, doing directed identity, and passing the email as OpenID.identity is a good one. I really prefer to find a simple solution that doesn't involve running a mapping service or mucking with DNS.</span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">---</span></font></p></div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">Sent from my iPhone Classic.</span></font></p></div>
<div>
<p style="MARGIN-BOTTOM: 12pt"><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"><br>On Oct 29, 2008, at 7:44 AM, "Andrew Arnott" <<a href="mailto:andrewarnott@gmail.com" target="_blank">andrewarnott@gmail.com</a>> wrote:</span></font></p>
</div>
<blockquote style="MARGIN-TOP: 5pt; MARGIN-BOTTOM: 5pt" type="cite">
<div>
<p style="MARGIN-BOTTOM: 12pt"><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">This method does use directed identity, but as such it does <span><i><span style="FONT-STYLE: italic">not</span></i></span> provide the email address in the openid.identity field and it would be contrary to the spec to do so. Perhaps though you were suggesting that a future version support this? (I would be in favor of investigating this as well). </span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">On Wed, Oct 29, 2008 at 7:20 AM, David Recordon <<a href="mailto:drecordon@sixapart.com" target="_blank"></a><a href="mailto:drecordon@sixapart.com" target="_blank">drecordon@sixapart.com</a>> wrote:</span></font></p>
<div style="WORD-WRAP: break-word">
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">I'm a fan of this method, basically doing the directed identity flow and passing the user input (<a href="mailto:daveman692@yahoo.com" target="_blank"></a><a href="mailto:daveman692@yahoo.com" target="_blank">daveman692@yahoo.com</a>) in as openid.identity in the request.</span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">--David</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p>
<div>
<div>
<div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">On Oct 28, 2008, at 9:14 AM, Andrew Arnott wrote:</span></font></p></div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div></div>
<blockquote style="MARGIN-TOP: 5pt; MARGIN-BOTTOM: 5pt" type="cite">
<div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">I was going through the logs of <a href="http://nerdbank.org/RP/login.aspx" target="_blank">my test RP</a> and was surprised to see what looked like the efforts of someone who didn't understand how OpenID worked. One of the attempts included just using a Yahoo! email address. Guess what?! It worked.</span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"><br>It worked because (at least in .NET), the URL may validly include a user@ portion, as has been discussed on this list recently. It's just quietly dropped. That left "<a href="http://yahoo.com/" target="_blank"></a><a href="http://yahoo.com/" target="_blank">http://yahoo.com</a>" as the identifier to perform discovery on, which of course worked. To the user, the experience is nearly perfect. They see Yahoo where they must log in, choose an identifier, and then return to the RP. The only weirdness is that although the Claimed Identifier will always be right, if for prettiness' sake the RP were to display the user-supplied-identifier as the user originally typed it in that it might not match who actually logged into Yahoo. </span></font></p>
</div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">For instance, I can type in <a href="mailto:yourname@yahoo.com" target="_blank"></a><a href="mailto:yourname@yahoo.com" target="_blank">yourname@yahoo.com</a> and completely log in, even though that's not my email address. The claimed ID is mine, and that's what really matters, but it's a little quirky (from the end user's perspective) that I can type in anyone's yahoo email address and it just works. As a new user I may think that I managed to log in as someone else. </span></font></p>
</div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">Again, I know <i><span style="FONT-STYLE: italic">why </span></i>all this works based on the spec and my implementation of it; I just didn't expect that email discovery would come without at least some work (perhaps to trim off the username@ part). So I was pleasantly surprised.</span></font></p>
</div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"><br>Anyway, something to think about.</span></font></p></div></div></div>
<div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt">_______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net" target="_blank"></a><a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank"></a><a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a></span></font></p></div></blockquote>
</div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div></div></div>
<p><font face="Times New Roman" size="3"><span style="FONT-SIZE: 12pt"> </span></font></p></div></blockquote></div></div></div></div></div><br>_______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br><br></blockquote></div><br><br clear="all"><br>-- <br>Nat Sakimura (=nat)<br><a href="http://www.sakimura.org/en/">http://www.sakimura.org/en/</a><br>