Using the email address as the first class identifier is a good idea, so +10000 for using email address as the one true identifier. I also like how they have an interim solution for users whose email provider doesn't support BrowserID.
An "EmailID" proposal might be viable, but I think BrowserID has some major issues: 1) Doesn't work with rich client apps (desktop, mobile, tablet) when there's no browser. 2) No mechanism to enable RPs to call APIs on behalf of the authenticated user. Almost all RPs will want more than just the user's email address - they'll want rich profile data, the ability to write to activity streams, sharing APIs, location data, etc. I don't see how BrowserID provides any advantages over something like OpenID Connect where Email Address is the identifier. Allen On Mon, Jul 18, 2011 at 10:02 AM, Dick Hardt <[email protected]> wrote: > Yes. > > http://dickhardt.org/2011/07/browserid/ > > :) > > On 2011-07-16, at 8:25 AM, David Recordon wrote: > > > Thoughts? > > > > > http://identity.mozilla.com/post/7669886219/how-browserid-differs-from-openid > > _______________________________________________ > > specs mailing list > > [email protected] > > http://lists.openid.net/mailman/listinfo/openid-specs > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
