[OT] Re: User @ domain.tld as ID (Once again)
Mike Hearn
mike at plan99.net
Thu Nov 3 06:49:19 PST 2005
On Thu, 03 Nov 2005 15:02:04 +0200, Rasqual Twilight wrote:
> Now *that* sounds better than having the mailto-like URI map to a
> centralized server.
I think people are getting mixed up here - the centralized mapping service
was proposed so that AOL/Hotmail/whatever users can use their email
address as their ID until such a day that those services support OpenID
natively.
It's mostly separate to the issue of how to implement email address
identifiers on top of the existing OpenID protocol (which isn't hard).
There's no centralisation involved with mapping user at host to
http://host/openid/user
> One inconvenience I see for OpenID URIs tied to an email address is
> how vulnerable to spam they become.
Presumably the web page the URL points to is supposed to be useful, I
think people would find it very poor usability to have nothing happen when
you type in somebodies "universal ID" into a web browser. And a useful web
page, pretty much by definition, provides some way for people to contact
you.
So it'd have to contain an email address anyway, or some kind of
sucky web form (which basically means solving the problem of spam by
simply not using email properly at all).
There is another issue here.
How many web sites actually *don't* ask for your email address when you
register? I don't even remember the last time this happened. Even blogs
and open source programs like bugzilla require email addresses
these days usually so they can email you your password if you forget it.
In other words, email addresses are already the canonical user identity! I
don't think you can escape from that.
thanks -mike
More information about the yadis
mailing list