Currently, if someone enters their email in the OpenID sign in form,
we use EUAT; but, if someone enters their email on the Ma.gnolia
Account sign in form we check against our (now legacy) user and
password database.
As far as I understand it, EAUT is a one way email address to OpenID
transformation and doesn't imply any sort of verification of that
email address in return. While we could trust emailtoid, we could
necessarily trust other transformers, which leaves us still having to
verify that an email address goes somewhere. This is especially
important for us to meet double opt-in requirements on our newsletter
mailing list.
Coming up with some UX flows for a Ma.gnolia type case (legacy
accounts and OpenIDs) would be a good idea, no?
On Jul 21, 12:57 pm, "Chris Messina" <
chris.mess...@gmail.com> wrote:
> Quick question -- what's the migration path for existing email addresses? So
> if I already have an email account confirmed by Ma.gnolia -- I assume it's
> no different than using an OpenID... if I *don't* have an email with
> Ma.gnolia... same thing -- just doing account creation as with an OpenID --
> but Ma.gnolia shouldn't need to confirm my email address, correct? It'd be
> lame if I had to confirm my address for BOTH Ma.gnolia AND Emailtoid!
> Chris
>
>
>
> On Mon, Jul 21, 2008 at 12:49 PM, David Fuelling <
sappe...@gmail.com> wrote:
> > That's awesome!!
>
> > I just logged in with my email address, and it works perfectly.
>
> > From a UX perspective, it did take a bit to get things to work. Here's
> > what I had to do....
>
> > 1. I had an existing account at ma.gnolia with the OpenID
> >
http://sappenin.myopenid.com.
> > 2. My email address transforms to a different OpenId (
> > 3. I entered my email into the
ma.gnolia.com login form, and
> > authenticated with MyOpenId.com, and came back to ma.gnolia, where I had to
> > enter my username/password -- then I could get into the site.
> > 4. To verify everything was good, I logged out, and logged back in
> > again with my email address. However, I had to do the same thing over again
> > (i.e., enter my
ma.gnolia.com username/password at
ma.gnolia.com).
> > 5. I finally realized that I had to manually associate the new OpenID (
> > 6. It would be nice if ma.gnolia would automatically associate the new
> > OpenID after I first login via openid, then provide my existing account
> > username/password (this should provide enough info to associate the openid I
> > logged in with to my profile, and could easily be automated).
>
> > After I realized that, however, I am now able to easily and quickly login
> > with my my
sappenin.com email address. Very Cool!!
>
> > Last but not least, I decided to try out my gmail address, and that worked
> > perfectly too (via EmailToId). WOW!! It's pretty sweet to now be using my
> > gmail address as an OpenID!!!!
>
> > David
>
> > On Mon, Jul 21, 2008 at 6:46 PM,
la...@ma.gnolia.com <
la...@ma.gnolia.com>
> > wrote:
>
> >> Just wanted to let everyone know that we just deployed EAUT support
> >> over at Ma.gnolia (
http://ma.gnolia.com). You can now type in your
> >> email address in the OpenID field and we'll resolve using EAUT with
> >>
http://emailtoid.net/as the default.