And not having this info still leaves us vulnerable to incorrect correlations (e.g., thinking that someone said something on a mailing list a year ago because the archives don't store the fragment with the author's name).
Isn't that what digital signatures are for? (Though, mailing list archives scrub that data along with all other attachments.) Even with the low use of digital signatures, or end-user knowledge of how to check them, does OpenID want to extend itself into that area? It may be within scope to *try*, but since E-mail addresses can be spoofed anyway, how much protection would this really offer?
-Shade _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
