The issue of a foremost interest is whether my email address gets transmitted to the consuming service.
For example, if I use Google to login here to SO, does SO know my gmail address?
Does he know my name I entered in gmail settingы to be used for outgoing mails?
Does an OpenID provider transmit anything else?
Now, the hammer question: I understand that a consumer gets some kind of encrypted/hashed value to uniquely identify the provider-managed account. What if I wanted to reset this value to gets desassociated with my Google OpenID from all sites and re-register there again from scratch?
I find it quite stupid and user-unfriendly that SO (and probably other sites) do not inform their users of these privacy issues. You sign in and you don't know at all how private you are going to be. Nonsense. This is probably written in some OpenID specs, but would an ordinary user read them let alone understand them?
Try reading this article about OpenID privacy.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With