On Fri, 14 Dec 2012, Stan wrote: > > First, I don't think it's convenient for users to register themselves on > many sites, which they visit occasionally. If most of the users do this > right now, it does not mean they are happy with this, this is bacause > there is no other, more simple way (as simple as just clicking on > "remember me").
There are solutions to this problem, e.g. you can authenticate to a site using your Facebook identity using one or two clicks. > Second, user accounts are based on e-mails as a rule, which is not > unique at all, every user can have multiple e-mails and multiple > registrations. Many web-services struggle against users' reputation > spoofing made via such fake accounts. Users can have multiple devices and could tell their browser to provide a unique identifier with each page access, so a device ID API wouldn't stop or change this. > Third, I think it's up to a certain web-service design and requirements, > if it needs to identify user accounts or user devices. For example, > usage of the same profile on multiple devices can be a violation of a > web-service license agreement, or a web-service may bind several devices > to the same profile. Binding multiple devices to a profile is easy and done today, it doesn't require an identifier. An identifier wouldn't help stop a user from using multiple devices with one site (not that such a restriction would even make sense in the first place), because there's no guarantee that the user agent isn't providing you with fake device identifiers. > Multiple browser profiles on the same device do not matter, because the > same device ID will be returned. What if the different profiles are for different people? Or different identities of the same person? (e.g. a woman's professional identity and a pseudonymous identity in an assault support group; or a man's identity that he uses for this extended family, and his identity that he uses when exploring his transexuality?) > The main point, if device ID could be available it would provide more > great possibilities for users and web-services. I don't understand what it would provide that would be better than the existing ability to use one's identity from an identity provider. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'