<br><br><div class="gmail_quote">On Thu, Jan 22, 2009 at 5:25 AM, George Fletcher <span dir="ltr"><<a href="mailto:gffletch@aol.com">gffletch@aol.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Curious as to how you pass the verified email address using SREG (since the spec doesn't allow for this). Do you just assume that if the RP asks for the opeid.sreg.email that the RP want's the verified email address and the user has no choice about supplying a different email address?<br>
<br>
I know for me, that depending on the site I'm logging into with my OpenID, I might not want to use the verified email address attached to the OpenID. I tend to use different email addresses for different purposes, and forcing me to use the verified email address on my OpenID would "pollute" that separation I'm trying to maintain:)<br>
<br>
That said, I'm all for supporting verified email in SREG, I think we just need an extension so that the RP can specify specifically whether it wants a user selected email address? or the OP verified email address for the user.</blockquote>
<div><br>That's hopefully coming in AX 2.0.<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br>
<br>
Thanks,<br><font color="#888888">
George</font><div><div></div><div class="Wj3C7c"><br>
<br>
Sabari Devadoss wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Perhaps email is something that you have to have in order to sign up<br>
and access sites, but I'm not sure, again, that that's true for all<br>
audiences. I think more research is necessary in this area, and in<br>
specific applications.<br>
<br>
Chris<br>
<br>
</blockquote>
<br>
If the OP passes a verified email address via sreg or A/X then the RP can store this information and use it for AR purposes in cases where the user has forgotten the identifier used to log into the RP. One caveat is that the email being passed by the OP should be a verified email address. As part of the sreg testing currently underway at Yahoo! we pass the Yahoo! email address attached to the identifier which requires no additional email verification step on the RP's part. <br>
_______________________________________________<br>
user-experience mailing list<br>
<a href="mailto:user-experience@openid.net" target="_blank">user-experience@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/user-experience" target="_blank">http://openid.net/mailman/listinfo/user-experience</a><br>
<br>
<br>
</blockquote>
_______________________________________________<br>
user-experience mailing list<br>
<a href="mailto:user-experience@openid.net" target="_blank">user-experience@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/user-experience" target="_blank">http://openid.net/mailman/listinfo/user-experience</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>--Breno<br><br>+1 (650) 214-1007 desk<br>+1 (408) 212-0135 (Grand Central)<br>MTV-41-3 : 383-A <br>PST (GMT-8) / PDT(GMT-7)<br>