Dick's concern is very valid, I think. I do not even want to think of the consequence of losing my own main identity secret :-p
=nat > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dick Hardt > Sent: Sunday, June 03, 2007 8:24 PM > To: Johannes Ernst > Cc: OpenID specs list > Subject: Re: Specifying identifier recycling > > There is a huge difference between the OP/RP shared secret > and using a shared secret as an identifier. > > The secret between the OP and RP has a mechanism for it to be > recycled. If it happens to be lost, then the pair can set up > a new secret. > > If the user's secret is lost, then that identifier and any > accounts that it was used for are lost. > > -- Dick > _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs