Wednesday, February 21, 2007

OpenID and Unique IDs

George Fletcher, a really smart AOL guy, mentions in his latest entry:
One final thought. There should be no reason why my IdP can't provide public personal identifiers in certain instances, pseudonymous identifiers in others, and temporary identifiers with claims in still others.
I would agree that in the generic sense of an Identity Provider (IdP) that such an assertion holds. In some implementations, especially in OpenID's case, this obviously isn't true. This breaks when you depend on the user to serve a unique identifier directly to the verifying resource/service provider. Not to say that this couldn't be fixed in practice, mind you.

The discussion regarding reputation in his post is a valid one. I just happen to believe that it's more of a convenient "feature" that you can't turn off. There are a lot of situations where this is bad.

No comments: