Map/Normalize Email Address to IdP/OP URL (Was [PROPOSAL] Handle"http://user at example.com" Style Identifiers)
David Fuelling
sappenin at gmail.com
Fri Nov 10 18:05:02 UTC 2006
> -----Original Message-----
> From: Dick Hardt [mailto:dick at sxip.com]
> Sent: Friday, November 10, 2006 11:28 AM
> To: David Fuelling
> Cc: specs at openid.net; general at openid.net
> Subject: Re: Map/Normalize Email Address to IdP/OP URL (Was [PROPOSAL]
> Handle"http://user@example.com" Style Identifiers)
>
> I strongly have the view that dad at example.com is a really bad idea.
>
> Your dad is not providing his password to the RP, and should not be
> prompted for his username there.
>
> He should be prompted for the site he wants to get sent to where he
> can then enter his credentials.
>
> This model is something your dad is likely even more familiar with,
> typing in hostname into the address bar. Typing in the site where he
> logs in is what he does at the OpenID prompt.
>
> btw: why is this thread cross posted?
>
> -- Dick
Dick,
Valid points. I'm curious to know:
1.) Do you think 'email address normalizing to IdP URL [ignore userid]'
would qualify as an OpenId extension (i.e., could it "ride on top" of the
current protocol)?
2.) Would you have the same objections if this were an extension, but not in
the formal spec?
More information about the specs
mailing list