[Cosmo] usefulness of usernames

Lisa Dusseault lisa at osafoundation.org
Mon Sep 26 14:01:17 PDT 2005 

I also worry that even if you can't search or list the set of user 
collections to harvest email addresses, those URLs will leak out and 
reveal email addresses more often. There's a use case for somebody like 
Mitch who might be willing to have his calendar be publicly readable 
(or at least his free-busy time) and share that URL widely, but might 
be more concerned about having email address be private.

Of course for me, since my email appears in hundreds of places 
including every internet-draft I've ever written and most working group 
mailing lists, I just don't care.  But that's just me :)

What about the tie-in between login and URL though?  just because 
somebody logs in with their email address (or using a federated 
identity system) doesn't mean that their calendar URL has to have their 
login.  It's not quite the same thing, but I'm reminded of blog sites 
where my login is distinct from my blog name -- my login doesn't appear 
in the blog URL.

lisa

On Sep 26, 2005, at 12:42 PM, Heikki Toivonen wrote:

> Brian Moseley wrote:
>> anyway, the two do seem redundant, and i wonder if we can't get rid of
>> username altogether, using email address only to partition the
>> repository for user storage and to (along with passwords) authenticate
>> users.
>>
>> does anybody have thoughts either way?
>
> Having the email address be the login name can confuse some users so
> that they think cosmo and their email server share the same user
> database. These people will be surprised when they change their 
> password
> for one system and expect to be able to login with that password to the
> other system.
>
> Also, more people will almost certainly use the same password for these
> two different systems (even if they understand they do not 
> automatically
> share the same user database), which obviously exposes more of their
> information in case one password is exposed.
>
> -- 
>   Heikki Toivonen
>
> _______________________________________________
> Cosmo mailing list
> Cosmo at osafoundation.org
> http://lists.osafoundation.org/mailman/listinfo/cosmo

More information about the Cosmo mailing list