<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I also find it odd as I’d quite like to have a durable
identifier, but not only do I have multiple emails, I tend to change emails
relatively often and I’m happy to share it using AX/SREG if/when I wish.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>Be interested in how an OpenID using my email as a primary identifier
would work if I wanted to change it.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I do like an email account being used to discover an OpenID
right enough, if every email mapped to an openid – <a
href="mailto:user@domain.com">user@domain.com</a> -> user.domain.com or
domain.com/user – from what I can see it doesn’t even need to be a
real email address… so long as the mapping can be done.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>From what I have read you’re really just talking about
making it easier for the user to enter an OpenID rather than changing how it
works…. I mean surely entering weblivz@hotmail.com can easily map to an
OpenID weblivz.hotmail.com<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
general-bounces@openid.net [mailto:general-bounces@openid.net] <b>On Behalf Of </b>Andrew
Arnott<br>
<b>Sent:</b> 30 October 2008 12:37<br>
<b>To:</b> Ben Laurie<br>
<b>Cc:</b> david@sixapart.com; OpenID List<br>
<b>Subject:</b> Re: [OpenID] OpenID based on email addresses... Just Works!<o:p></o:p></span></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>I'm surprised no one has brought this up, but remember that
having people log into RPs using their email address is giving away a very
personal bit of information that I'd like to hide more than give away. On
another thread concern was expressed over allowing OpenID to accidentally
reveal the preferred language of a user. Well to me I think email address
is far more concerning. <o:p></o:p></p>
<div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'>Of course an RP may want an
email address and AX or SREG is a great way to get it, but that's always the
user's decision while at the OP or later at the RP, and isn't a mandatory step
to even initiate the login process.<o:p></o:p></p>
<div>
<p class=MsoNormal>On Thu, Oct 30, 2008 at 3:00 AM, Ben Laurie <<a
href="mailto:benl@google.com">benl@google.com</a>> wrote:<o:p></o:p></p>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'>On Thu, Oct 30, 2008 at 7:07
AM, Chris Messina <<a href="mailto:chris.messina@gmail.com">chris.messina@gmail.com</a>>
wrote:<br>
> On Thu, Oct 30, 2008 at 4:14 PM, David Recordon <<a
href="mailto:drecordon@sixapart.com">drecordon@sixapart.com</a>> wrote:<br>
>> Can you use POBox.com with <a href="mailto:david@yahoo.com">david@yahoo.com</a>?
For the added complexity I just<br>
>> don't think it's worth it considering you already can't delegate your
email.<br>
>> If you control the domain then you can choose your Provider,
otherwise<br>
>> you're at the mercy of who controls the domain. Don't like it,
then don't<br>
>> use your Yahoo account as your OpenID. IMHO.<br>
>> --David<br>
><br>
> I'm coming around to this perspective.<br>
><br>
> While maximal flexibility would be ideal for "delegating email<br>
> addresses", I'm willing to compromise to find the simplest, easiest,<br>
> quickest and least costliest path to adoption.<br>
><br>
> While the mapping concept is a worthwhile one technologically, I think<br>
> that trying to push all the freedoms that you get with URL-based<br>
> OpenIDs into email addresses could be a losing proposition.<br>
><br>
> If we can support email addresses with maximal flexibility with<br>
> minimal costs, great, but from what I've seen of how changes actually<br>
> get made, changing the OpenID spec as little as possible is the best<br>
> way forward.<br>
><br>
> It sounds like the OpenID.identity approach might be the best way to<br>
> make this happen, pronto, without mucking with DNS and so on.<o:p></o:p></p>
</div>
<p class=MsoNormal>What is "the OpenID.identity approach"?<o:p></o:p></p>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
> Remember, email addresses today aren't really explicitly supported by<br>
> the spec; the goal should be to make that a possibility with as little<br>
> effort as possible.<o:p></o:p></p>
</div>
<p class=MsoNormal>It seems to me that there's a couple of things to consider:<br>
<br>
1. Often the RP actually wants an email address, because it wants to<br>
be able to communicate with the user. This can be solved with AX, of<br>
course _but_ I suspect users will be confused by having to give an<br>
"email address" that isn't actually their email address.<br>
<br>
2. It seems that its possible to do a pretty good job with just the<br>
domain - the email address is just a way to get the user to tell you<br>
what the domain is so discovery can start.<br>
<br>
Obviously discovery is a prerequisite, though.<o:p></o:p></p>
<div>
<div>
<p class=MsoNormal><br>
><br>
> Chris<br>
><br>
> --<br>
> Chris Messina<br>
> Citizen-Participant &<br>
> Open Technology Advocate-at-Large<br>
> <a href="http://factoryjoe.com" target="_blank">factoryjoe.com</a> # <a
href="http://diso-project.org" target="_blank">diso-project.org</a><br>
> <a href="http://citizenagency.com" target="_blank">citizenagency.com</a> #
<a href="http://vidoop.com" target="_blank">vidoop.com</a><br>
> This email is: [ ] bloggable [X] ask first [ ]
private<br>
> _______________________________________________<br>
> general mailing list<br>
> <a href="mailto:general@openid.net">general@openid.net</a><br>
> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
><br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><o:p></o:p></p>
</div>
</div>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</div>
</body>
</html>