On Fri, 2006-10-06 at 13:26 +1000, Chris Drake wrote: Is my understanding accurate: OpenID is unable to support single sign on. If not - lets assume it's 9am. I just signed on. I can visit RP#1 then RP#2 then RP#3 and go back and forth all day without hindrance, until I next sign off - yes?
I still worry about end-user experience, privacy, and OpenID usefulness to RPs running non-trivial services. Can someone outline how user privacy gets maintained? (and what, if anything, a user needs to do and/or understand to support this?) Would any RP handling, say, credit-card data, be