Yahoo available AX attrs - backchannel/endpoint URLs
Joseph A Holsten
joseph at josephholsten.com
Thu Dec 10 04:25:10 UTC 2009
On Dec 9, 2009, at 9:42 AM, SitG Admin wrote:
> Chris Messina wrote:
>> Third, it suggests that whatever metadata the user doesn't provide
>> herself, a site author may attempt to harvest elsewhere.
>
> Which is something we need to establish best practices around, to
> discourage just that: the *attempt* to harvest correlating
> (meta)data elsewhere. Site authors who mix up authentication data
> and accidentally commit identity theft on the user's behalf will not
> be admired.
Care to unpack that? I always felt that it's foolish not to use public
data to inform interaction with the user.
--
j
More information about the specs
mailing list