<div class="Ih2E3d">On Thu, Oct 30, 2008 at 3:53 PM, Martin Atkins <span dir="ltr"><<a href="mailto:mart@degeneration.co.uk" target="_blank">mart@degeneration.co.uk</a>></span> wrote:<br></div><div class="Ih2E3d"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Users have the freedom to choose an OP. If they use the identifier issued to them by Yahoo today they're tied to Yahoo as well.<br>
<br>
I don't follow the line of reasoning with this argument. All OpenID
identifiers are fundamentally based on DNS, the owner of the domain
you're using will ultimately be in control. Adding email-based
identifiers into the mix doesn't change this. While I agree that being
able to unilaterally switch identifiers later would be useful, this is
not something that's specific to email addresses; it's a more general
problem with OpenID as it stands today, regardless of what scheme your
identifier uses.<br>
</blockquote></div><div><br>This line of reasoning doesn't make sense
if you're thinking of an email address as a "1st-Class" OpenID.
However, if your OpenID is really an XRI or URL (only), then your email
address becomes a surrogate for your OpenID, or a pointer. That's why
email addresses are a special case -- today they're not really
OpenID's, so if we're going to start using them "like" openId's, then
we need to add a lot of flexibility into the mechanism so that (at a
domain owner's discretion, and the discretion of user controling a
particular email address in that domain) any particular email address
can be a surrogate for any of that user's OpenIDs.<br>
<br>Besides, with OpenID 2.0, I can use a particular URL (e.g., <a href="http://openid.sappenin.com/david" target="_blank">http://openid.sappenin.com/david</a>) but it really "maps" to my acutal OpenID (<a href="http://sappenin.myopenid.com/" target="_blank">http://sappenin.myopenid.com</a>). It seems odd that so many people are arguing to take away this feature of OpenIDs when it comes to email addresses.<br>
</div><div class="Ih2E3d"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br>
I will note however that my email-addresses-in-OpenID proposal[1] does
include a provision for redirecting that has the same behavior as a
HTTP redirect i.e. it "canonicalizes" the claimed identifier. You can
redirect from a mailto: URL to a HTTP URL using this mechanism, if you
wish.<br>
</blockquote></div><div><br>I'm open to some of this -- see my other message about an OpenID Extension to support email addresses.<br> </div><div class="Ih2E3d"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
I will concede that doing this "redirect" at the DNS level does not
have the full flexibility of the HTTP-based mapping service offered by
EAUT, but I would also claim that mapping mailto:<a href="mailto:example@yahoo.com" target="_blank">example@yahoo.com</a> to <a href="http://sappenin.com/" target="_blank">http://sappenin.com/</a> is a pretty unusual case and not something we should be going out of our way to support.</blockquote>
</div><br>I fully disagree. I do this currently with my OpenID. Why wouldn't I do it with my email address?