At 8:47 PM -0700 7/18/11, Allen Tom wrote:
Using the email address as the first class identifier is a good
idea, so +10000 for using email address as the one true identifier.
I also like how they have an interim solution for users whose email
provider doesn't support BrowserID.
Transition-only, meant to end up as an E-mail address?
Philosophically (and this is how I think of it, since I try to
imagine the effect on users' minds to conceptualize their online
activity in various ways), there is "push" and "pull". If the active
party, the one forming intent and acting upon it, is a user, they
"pull" the data in, making requests which third parties respond to.
If the user's role is reduced to accepting or rejecting whatever any
third party decides to "push" upon them, as a passive recipient,
their ability to terminate undesirable interactions while continuing
others is limited.
Users have different needs, and usually *both* needs, when it comes
to these two. My personal preference is for the "browser" (as
"pull"), and to avoid conflating the concept of a universal
identifier with the idea that we must give others some shared way to
contact us ("push"), but more deeply, I suspect that no identifier
which is wholly one or the other will ever be completely suitable as
a "one true identifier".
At 2:02 PM +0900 7/19/11, Nat Sakimura wrote:
There has to be some ways of canonicalizing email address into a
non-re-assignable identifier.
There's always hashing, but then it doesn't make sense to humans.
-Shade
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
