cschum at suse.de
Thu Jan 22 13:24:46 UTC 2009
On Thursday 22 January 2009, Sabari Devadoss wrote:
> If the OP passes a verified email address via sreg or A/X then the RP can
> store this information and use it for AR purposes in cases where the user
> has forgotten the identifier used to log into the RP. One caveat is that
> the email being passed by the OP should be a verified email address. As
> part of the sreg testing currently underway at Yahoo! we pass the Yahoo!
> email address attached to the identifier which requires no additional email
> verification step on the RP's part.
Is there a way to find out, if the passed email address is verified and maybe
even what level of verification is done?
Cornelius Schumacher <cschum at suse.de>
More information about the user-experience