On 05/08/10 20:35, David Earl wrote:
Are you going to take the email address on trust? It is really very easy to set up an OpenID provider which supplies any old email address on request. (There are some I think you can trust in principle - we know for example that Google and Yahoo provide verified email addresses, but in general I think it needs the round trip with the verification link in the email to be trustworthy).
I assume it still verifies it, but Kai is the expert.
Also, are you able to link OpenID logins together and with existing OSM accounts (i.e. keeping login identity separate from OSM identity and allowing OSM identities to have multiple ways of logging in)?
Currently it only allows one openid per account, but you can still have a password as well and use that if you want.
Tom -- Tom Hughes (t...@compton.nu) http://compton.nu/ _______________________________________________ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk