I'm amazed that Google did this, but would be shocked if they did it deliberately. Here's what I got from a test RP when trying to log in using my <a href="http://profiles.google.com/andrewarnott">http://profiles.google.com/andrewarnott</a> identifier:<div>
<br></div><div><span class="Apple-style-span" style="font-family: 'Times New Roman'; font-size: medium; "><pre><span>The OpenID Provider issued an assertion for an Identifier whose discovery information did not match.
Assertion endpoint info:
ClaimedIdentifier: <a href="https://profiles.google.com/114635397638720587251">https://profiles.google.com/114635397638720587251</a>
ProviderLocalIdentifier: <a href="https://profiles.google.com/114635397638720587251">https://profiles.google.com/114635397638720587251</a>
ProviderEndpoint: <a href="https://www.google.com/accounts/o8/ud?source=profiles">https://www.google.com/accounts/o8/ud?source=profiles</a>
OpenID version: 2.0
Service Type URIs:
Discovered endpoint info:
[{
ClaimedIdentifier: <a href="https://plus.google.com/114635397638720587251">https://plus.google.com/114635397638720587251</a>
ProviderLocalIdentifier: <a href="https://plus.google.com/114635397638720587251">https://plus.google.com/114635397638720587251</a>
ProviderEndpoint: <a href="https://www.google.com/accounts/o8/ud?source=profiles">https://www.google.com/accounts/o8/ud?source=profiles</a>
OpenID version: 2.0
Service Type URIs:
<a href="http://specs.openid.net/auth/2.0/signon">http://specs.openid.net/auth/2.0/signon</a>
<a href="http://openid.net/srv/ax/1.0">http://openid.net/srv/ax/1.0</a>
<a href="http://specs.openid.net/extensions/ui/1.0/mode/popup">http://specs.openid.net/extensions/ui/1.0/mode/popup</a>
<a href="http://specs.openid.net/extensions/ui/1.0/icon">http://specs.openid.net/extensions/ui/1.0/icon</a>
<a href="http://specs.openid.net/extensions/pape/1.0">http://specs.openid.net/extensions/pape/1.0</a>
},]</span></pre></span><div>So Google has some messed up server/user config as it is -- let's just hope when they fix it, they make both the old and the new world work.</div><div><br></div>--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Sat, Jul 2, 2011 at 8:41 AM, Peter Watkins <span dir="ltr"><<a href="mailto:peterw@tux.org">peterw@tux.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">On Fri, Jul 01, 2011 at 08:48:29PM -0700, Johannes Ernst wrote:<br>
> It seems Google has changed their unique identifiers for people again.<br>
><br>
> Apparently I'm now:<br>
> <a href="https://plus.google.com/104555285104903729468" target="_blank">https://plus.google.com/104555285104903729468</a><br>
> as opposed to<br>
> <a href="http://profiles.google.com/Johannes.Ernst" target="_blank">http://profiles.google.com/Johannes.Ernst</a><br>
> and so many other variations over the years.<br>
<br>
</div>Someone from Google, please chime in!<br>
<br>
I run an RP site and Google is the most popular OP for the the<br>
users who choose to use OpenID instead of setting up "local" accounts,<br>
so this could be a significant problem for us. Most of our Google<br>
users get those ugly random per-RP identifiers, but a fair number<br>
have "profiles" identifiers. So even if this only affects "profiles"<br>
identifiers, a change like this is going to deny Google users access<br>
to the resources to which they are entitled.<br>
<font color="#888888"><br>
-Peter<br>
</font><div><div></div><div class="h5"><br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@lists.openid.net">general@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-general" target="_blank">http://lists.openid.net/mailman/listinfo/openid-general</a><br>
</div></div></blockquote></div><br></div>