Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Rowan Kerr
Sent: Friday, November 10, 2006 11:23 AM
To: specs@openid.net
Subject: Re: Map/Normalize Email Address to IdP/OP URL (Was [PROPOSAL]
Handle"http://[EMAIL PROTECTED]" Style Identifiers)
On 11/9/06,
ize Email Address to IdP/OP URL (Was
>> [PROPOSAL]
>> Handle"http://[EMAIL PROTECTED]" Style Identifiers)
>>
>> I strongly have the view that [EMAIL PROTECTED] is a really bad idea.
>>
>> Your dad is not providing his password to the RP, and should n
I think I'm on general but not on specs and I seem to have taken
some kind of role in this discussion so please CC me if appropriate;
I will respond using gmail's "reply all."
On 11/10/06, Pete Rowley <[EMAIL PROTECTED]> wrote:
> David Nicol hastily opined:
>> ... might select OpenID as the metho
On 11/9/06, David Fuelling <[EMAIL PROTECTED]> wrote:
> So, '[EMAIL PROTECTED]' would be treated as if the User had entered
> 'http://any.edu' (the URL of their IdP/OP) into the OpenId login form.
I don't like the idea of telling people to enter their username, and
then throwing it away. As mentio
David Nicol wrote:
On 11/10/06, David Fuelling <[EMAIL PROTECTED]> wrote:
Plus, why do we **not** want OpenId to work with email addresses (assuming
we maintain the principals of User Centric Identity if we use them?)
Loss of focus. OpenID is a UCI system based on URLs.
> -Original Message-
> From: Dick Hardt [mailto:[EMAIL PROTECTED]
> Sent: Friday, November 10, 2006 11:28 AM
> To: David Fuelling
> Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: Re: Map/Normalize Email Address to IdP/OP URL (Was [PROPOSAL]
> Handle"http:
> -Original Message-
> From: Dick Hardt [mailto:[EMAIL PROTECTED]
> Sent: Friday, November 10, 2006 11:28 AM
> To: David Fuelling
> Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: Re: Map/Normalize Email Address to IdP/OP URL (Was [PROPOSAL]
> Handle"http:
What I don't really understand in this discussion is that..
http://[EMAIL PROTECTED] is a perfectly valid url and already in the spec..
Evert
Dick Hardt wrote:
> On 10-Nov-06, at 7:20 AM, David Fuelling wrote:
>
>
>>> -Original Message-
>>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTE
On 10-Nov-06, at 7:20 AM, David Fuelling wrote:
>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
>> Behalf
>> Of Jonathan Daugherty
>> # I think that all this discussion about email userid is moving us
>> off
>> # track. My original proposal was that the em
On 11/10/06, David Fuelling <[EMAIL PROTECTED]> wrote:
> Plus, why do we **not** want OpenId to work with email addresses (assuming
> we maintain the principals of User Centric Identity if we use them?)
Loss of focus. OpenID is a UCI system based on URLs. Someone who
wants to install OpenID on t
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
>Behalf
> Of Jonathan Daugherty
> # I think that all this discussion about email userid is moving us off
> # track. My original proposal was that the email maps/normalizes to a
> # URL of an IdP (the userid is igno
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Martin Atkins
> Sent: Friday, November 10, 2006 2:41 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
Identifiers
>
> I pro
# I think that all this discussion about email userid is moving us off
# track. My original proposal was that the email maps/normalizes to a
# URL of an IdP (the userid is ignored/not used).
#
# So, '[EMAIL PROTECTED]' would be treated as if the User had entered
# 'http://any.edu' (the URL of the
OSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> On 11/9/06, David Nicol <[EMAIL PROTECTED]> wrote:
>
> http://[EMAIL PROTECTED] (cool addy, btw) certainly
> won't get anyone to David Fuelling's home page, now or in any likely
> future.
>
PROTECTED]
>> Sent: Thursday, November 09, 2006 2:05 AM
>> To: Johannes Ernst
>> Cc: Hallam-Baker, Phillip; specs@openid.net; general
>> Subject: Re: XRDS vs. DNS level identity (was RE: [PROPOSAL]
>> Handle "http://[EMAIL PROTECTED]" Style Identifiers)
>&g
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Martin Atkins
> Sent: Thursday, November 09, 2006 5:36 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
&
nID could use an identifier the user already understands & has,
like an email address, for locating the user's IdP?
-Peter
> > -Original Message-
> > From: Dick Hardt [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, November 08, 2006 5:06 PM
> > To: David Fuelling
Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Martin Atkins
> Sent: Thursday, November 09, 2006 12:05 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> One idea we came up wi
2
(Normalization). We're mapping/normalizing 'www.cnn.com' to
'http://www.cnn.com', even though www.cnn.com is not (technically) a validly
schemed Http url. Why not do the same with email addresses?
> -Original Message-
> From: Hallam-Baker, Phillip [mailt
esn't resolve to something that
>> OpenID can
>> use?
>>
>> David Fuelling
>>
>>> -Original Message-
>>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>>> On Behalf
>>> Of Dick Hardt
>>> Sent: Sunday, Octob
> Sent: Thursday, November 09, 2006 2:05 AM
> To: Johannes Ernst
> Cc: Hallam-Baker, Phillip; specs@openid.net; general
> Subject: Re: XRDS vs. DNS level identity (was RE: [PROPOSAL]
> Handle "http://[EMAIL PROTECTED]" Style Identifiers)
>
> I agree with Johannes
I have concerns.
>>
>>> -Original Message-
>>> From: Drummond Reed [mailto:[EMAIL PROTECTED]
>>> Sent: Wednesday, November 08, 2006 7:42 PM
>>> To: Hallam-Baker, Phillip; Recordon, David; 'David Fuelling'
>>> Cc: specs@openid.net
is a bad thing.
> -Original Message-
> From: Dick Hardt [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 08, 2006 5:06 PM
> To: David Fuelling
> Cc: specs@openid.net
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> Hi
ovember 08, 2006 7:42 PM
>> To: Hallam-Baker, Phillip; Recordon, David; 'David Fuelling'
>> Cc: specs@openid.net; [EMAIL PROTECTED]
>> Subject: XRDS vs. DNS level identity (was RE: [PROPOSAL]
>> Handle "http://[EMAIL PROTECTED]" Style Identifiers)
>
ip; Recordon, David; 'David Fuelling'
> Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: XRDS vs. DNS level identity (was RE: [PROPOSAL]
> Handle "http://[EMAIL PROTECTED]" Style Identifiers)
>
> Phillip,
>
> Please don't shoot me -- I am just the mess
>-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Peter Watkins
Sent: Wednesday, November 08, 2006 4:21 PM
To: [EMAIL PROTECTED]
Cc: specs@openid.net
Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
>Re
have seen so many attempts to reinvent it.
> -Original Message-
> From: Recordon, David
> Sent: Wednesday, November 08, 2006 4:50 PM
> To: Hallam-Baker, Phillip; David Fuelling
> Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: RE: [PROPOSAL] Handle "http://[EMAI
L PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Hallam-Baker, Phillip
> Sent: Wednesday, November 08, 2006 1:37 PM
> To: David Fuelling
> Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
> Identifiers
> It
ick Hardt
Sent: Sunday, October 22, 2006 12:26 PM
To: John Panzer
Cc: Kaliya *; specs@openid.net
Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
Identifiers
...
If we support email addresses, then the prompt may look something
like this:
"email | Homesite | i-na
.
> -Original Message-
> From: Recordon, David
> Sent: Wednesday, November 08, 2006 4:50 PM
> To: Hallam-Baker, Phillip; David Fuelling
> Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]"
> Style Identifiers
>
EMAIL PROTECTED]
>> On Behalf
>> Of Dick Hardt
>> Sent: Sunday, October 22, 2006 12:26 PM
>> To: John Panzer
>> Cc: Kaliya *; specs@openid.net
>> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
>> Identifiers
>>
>> .
esday, November 08, 2006 1:37 PM
To: David Fuelling
Cc: specs@openid.net; [EMAIL PROTECTED]
Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
Identifiers
Please don't map to Http this way.
It would be fine to define a fixed mapping from a user identifier to
http. But i
; Cc: specs@openid.net; [EMAIL PROTECTED]
> Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]"
> Style Identifiers
>
> Hi Philip,
>
> I'm not sure I understand "Please don't use HTTP this way".
>
> I was suggesting that the user enter
ginal Message-
> From: Jonathan Daugherty [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 08, 2006 1:45 PM
> To: David Fuelling
> Cc: specs@openid.net
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> # So, if in a hypothetical
er, Phillip [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 08, 2006 1:45 PM
> To: David Fuelling; specs@openid.net
> Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> Please don't use HTTP this way. That is not the semantics for http
to something that OpenID can
use?
David Fuelling
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
> Of Dick Hardt
> Sent: Sunday, October 22, 2006 12:26 PM
> To: John Panzer
> Cc: Kaliya *; specs@openid.net
> Subject: Re: [PRO
ED]
> [mailto:[EMAIL PROTECTED] On Behalf Of David Fuelling
> Sent: Wednesday, November 08, 2006 1:40 PM
> To: specs@openid.net
> Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]"
> Style Identifiers
>
> Please see my questions/ideas enclosed...
>
>
# So, if in a hypothetical world where we have 4 potential OpenId
# "values" that a user could enter, AND the goal is to reduce
# confusion, then does it really make sense to cut out the most common
# "value" (which is an email address)?
IMHO, because using identifiers that look like email address
ally make sense to cut out the most common "value" (which is an email
address)?
> -Original Message-
> From: Jonathan Daugherty [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 08, 2006 1:30 PM
> To: David Fuelling
> Cc: specs@openid.net
> Subject: Re:
bject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> There have been several long threads in the past about using email
> addresses as OpenID identifiers. The conclusion each time has been to
avoid it. I don't remember all the arguments, but among them ar
# SIDE NOTE: For those who argue against email addresses in the OpenId
# login form on the grounds of confusion, these 2 email proposals
# should be no less "confusing" than trying to educate a user that the
# Identity URL they type in (e.g., http://aol.com) is not their
# identity. Both will/woul
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
> Of Recordon, David
> Sent: Thursday, October 19, 2006 9:46 PM
> To: specs@openid.net
> Subject: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> In meeting with a large service provider
nal Message-> From:
[EMAIL PROTECTED]> [mailto:[EMAIL PROTECTED]] On
Behalf Of Dick Hardt> Sent: Sunday, October 22, 2006 5:00 PM> To:
Kaliya Hamlin> Cc: specs@openid.net> Subject: Re: [PROPOSAL]
Handle "http://[EMAIL PROTECTED]">
Style Identifiers>>>
On 22-Oct-06, at 9:04 PM, George Fletcher wrote:
>
>
> Dick Hardt wrote:
>>
>> On 22-Oct-06, at 7:00 PM, George Fletcher wrote:
>>
>>>
>>>
>>> Dick Hardt wrote:
With OpenID, there is a presumption the user has selected a trust
worthy IdP that will only present the user's identifiers wh
Dick Hardt wrote:
>
> On 22-Oct-06, at 7:00 PM, George Fletcher wrote:
>
>>
>>
>> Dick Hardt wrote:
>>> With OpenID, there is a presumption the user has selected a trust
>>> worthy IdP that will only present the user's identifiers when it
>>> really is the user.
>>>
>> Doesn't this imply that bo
ED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dick Hardt
> Sent: Sunday, October 22, 2006 11:14 PM
> To: George Fletcher
> Cc: specs@openid.net
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]"
> Style Identifiers
>
>
> On 22-Oct-06, at 7:00
On 22-Oct-06, at 7:00 PM, George Fletcher wrote:
>
>
> Dick Hardt wrote:
>> With OpenID, there is a presumption the user has selected a trust
>> worthy IdP that will only present the user's identifiers when it
>> really is the user.
>>
> Doesn't this imply that both the user and RP have to know
Dick Hardt wrote:
> With OpenID, there is a presumption the user has selected a trust
> worthy IdP that will only present the user's identifiers when it
> really is the user.
>
Doesn't this imply that both the user and RP have to know which IdP's
are "trust worthy"?
> Actually, idp.spammers.c
On 22-Oct-06, at 5:05 PM, George Fletcher wrote:
>
> Dick Hardt wrote:
>> What is different with OpenID vs email is that there is certainty
>> that the user actually is the user.
> I'm a little confused. How is there certainty that "the user
> actually is the user"? The viability of the ide
On 22-Oct-06, at 2:28 PM, Praveen Alavilli wrote:
>
>
> [EMAIL PROTECTED] wrote:
>> For starters please don't use Comic Sans in professional
>> correspondence. it is very hard to read (or take seriously)
>> http://bancomicsans.com/home.html
>>
>>
>> On Oct 22, 2006, at 11:44 AM, Praveen Alav
Dick Hardt wrote:
>
> On 20-Oct-06, at 10:14 AM, George Fletcher wrote:
>>
>> Of course, my expectation is that this syntax would be optional; the
>> user can always specify their full URI identifier.
>>
>> I agree that this kind of an identifier is not portable, but I'm
>> guessing that most u
[EMAIL PROTECTED] wrote:
For starters please don't use Comic Sans in professional
correspondence. it is very hard to read (or take seriously) http://bancomicsans.com/home.html
On Oct 22, 2006, at 11:44 AM, Praveen Alavilli wrote:
It's more of a problem with how we ca
Dick Hardt wrote:
> What is different with OpenID vs email is that there is certainty
> that the user actually is the user.
>
I'm a little confused. How is there certainty that "the user actually
is the user"? The viability of the identifier representing the same
user is dependent on th
For starters please don't use Comic Sans in professional correspondence. it is very hard to read (or take seriously) http://bancomicsans.com/home.htmlOn Oct 22, 2006, at 11:44 AM, Praveen Alavilli wrote: It's more of a problem with how we can accept 3rd party OpenId users at AOL (we as an RP). Ob
[Please pardon me if I am spamming
the spec mailing list with general comments/issues that might have been
discussed before]
It's not the problem of just making AOL users OpenId enabled, so they
can access 3rd party RPs (use http://www.aol.com/ or
http://aimpages.com/ or
http://journals.aol.co
On 22-Oct-06, at 11:44 AM, Praveen Alavilli wrote:
> It's more of a problem with how we can accept 3rd party OpenId
> users at AOL (we as an RP). Obviously for simple use cases like
> leaving comments on blogs it wouldn't really matter as long as the
> user is identified by someone (and someo
On 22-Oct-06, at 12:43 PM, Kaliya Hamlin wrote:
> For starters please don't use Comic Sans in professional
> correspondence. it is very hard to read (or take seriously) http://
> bancomicsans.com/home.html
Kaliya: The easy solution is to have your email program turn all
responses to plain
t: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
Identifiers
For starters please don't use Comic Sans in professional correspondence.
it is very hard to read (or take seriously)
http://bancomicsans.com/home.html
On Oct 22, 2006, at 11:44 AM, Pr
On 20-Oct-06, at 10:14 AM, George Fletcher wrote:
> [Sorry for the strange posting format. I got on the list after
> seeing the emails. --George]
>
> First, I'm new to the list and don't want to resurface an old and
> long debated topic.
>
> To me this proposal is about how to make finding t
On 20-Oct-06, at 12:17 PM, John Panzer wrote:
> Kaliya * wrote on 10/20/2006, 11:57 AM:
>
>> I think it is a terrible idea.
>>
>> 1) If you put something out into the market that looks like an e-
>> mail it will be used like an e-mail. I have personal experience
>> with this.
>>
>> I had a AIM
We actually built some code some time ago to explore this. The basic
insight was:
if we can do Yadis discovery on XRIs (which aren't rooted in DNS),
then we can do Yadis discovery on any other kind of identifier,
whether it's an e-mail address or an ISBN number or what have you --
and onc
# I'm not actually proposing the IdP make an assertion about
# [EMAIL PROTECTED] It would only be used during the discovery phase
# and then an assertion for a URL be returned.
Ok, I misunderstood. But even in the case where the IdP makes an
assertion about a different identifier, that's confusi
2:57 PM
To: George Fletcher
Cc: Recordon, David; specs@openid.net
Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
Identifiers
# It might create some confusion depending on the audience. For the #
audience that doesn't run their own web server, or have their own
Behalf Of John
PanzerSent: Friday, October 20, 2006 3:17 PMTo: Kaliya
*Cc: specs@openid.netSubject: Re: [PROPOSAL] Handle
"http://[EMAIL PROTECTED]" Style Identifiers
Kaliya *
wrote on 10/20/2006, 11:57 AM:
I think it is a terrible
idea.1) If you put something out i
On 10/19/06, Recordon, David <[EMAIL PROTECTED]> wrote:
> The proposal we came up with was within the spec describing what to do
> if someone were to enter "[EMAIL PROTECTED]" in a Relying Party's OpenID
> login form.
Here are the past threads that I could find about this issue:
1. http://lists.d
On 10/20/06, John Panzer <[EMAIL PROTECTED]> wrote:
Kaliya *
wrote on 10/20/2006, 11:57 AM:
I think it is a terrible idea.
1) If you put something out into the market that looks like an e-mail
it will be used like an e-mail. I have personal experience with this.
I had a AIM handle
Kaliya *
wrote on 10/20/2006, 11:57 AM:
I think it is a terrible idea.
1) If you put something out into the market that looks like an e-mail
it will be used like an e-mail. I have personal experience with this.
I had a AIM handle for the Mac part of the universe [EMAIL PROTECTED] (it w
I think it is a terrible idea.1) If you put something out into the market that looks like an e-mail it will be used like an e-mail. I have personal experience with this. I had a AIM handle for the Mac part of the universe
[EMAIL PROTECTED] (it was not an e-mail address) but because it looked like
# It might create some confusion depending on the audience. For the
# audience that doesn't run their own web server, or have their own
# blog, it might be confusing to enter a URI.
By confusion, I mean entering something that looks like an email but
probably isn't, and trying to figure out just
r 20, 2006 12:59 PM
> To: Recordon, David
> Cc: Drummond Reed; specs@openid.net
> Subject: Re: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
> Identifiers
>
> # The thing is they aren't really giving them their email address.
> # Rather an identifier which lo
thought...
=Drummond
-Original Message-
From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On Behalf
Of Recordon, David
Sent: Thursday, October 19, 2006 6:46 PM
To: specs at openid.net
Subject: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
Yes, potentially. It is a bit of a hybrid approach I guess.
--David
-Original Message-
From: Jonathan Daugherty [mailto:[EMAIL PROTECTED]
Sent: Friday, October 20, 2006 12:59 PM
To: Recordon, David
Cc: Drummond Reed; specs@openid.net
Subject: Re: [PROPOSAL] Handle "http://[
# The thing is they aren't really giving them their email address.
# Rather an identifier which looks like an email address to a user and
# in some cases may also be an email address.
Isn't that likely to create a lot of confusion?
--
Jonathan Daugherty
JanRain, Inc.
2006 1:04 AM
To: Recordon, David; specs@openid.net
Subject: RE: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style
Identifiers
There have been several long threads in the past about using email
addresses as OpenID identifiers. The conclusion each time has been to
avoid it. I don't r
lto:[EMAIL PROTECTED] On Behalf
Of Recordon, David
Sent: Thursday, October 19, 2006 6:46 PM
To: specs@openid.net
Subject: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
In meeting with a large service provider this week, an issue around end
user usability came up. The concer
> To: specs@openid.net
> Subject: [PROPOSAL] Handle "http://[EMAIL PROTECTED]" Style Identifiers
>
> In meeting with a large service provider this week, an issue
> around end user usability came up. The concern they
> expressed was that users are know how to enter use
In meeting with a large service provider this week, an issue around end
user usability came up. The concern they expressed was that users are
know how to enter usernames or email addresses to initiate the login
process. While directed identity allows the user to enter
"example.com", they feel tha
77 matches
Mail list logo