If an RP only needs group membership and no individual identity, then why assert an identifier at all? Use OAuth or identity-less OpenID. I think it would seriously cloud OpenID's Identifiers if an AX attribute that may or may not be noticed or included significantly changes what the identifier's significant meaning is.
Good point. Is it possible to do identity-less OpenID without first establishing an identity, though?
-Shade _______________________________________________ specs mailing list [email protected] http://openid.net/mailman/listinfo/specs
