<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Feb 1, 2017 at 12:11 PM, Ryan Kelly <span dir="ltr"><<a href="mailto:rfkelly@mozilla.com" target="_blank">rfkelly@mozilla.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">On 2/2/17 03:53, Richard Newman wrote:<br>
> > - The old email address never becomes available for registration again.<br>
><br>
> > That is, email -> FxA user never changes from one user to another.<br>
><br>
> We could certainly do this, but it's not clear to me what value it would<br>
> deliver or what it would guard against.<br>
><br>
><br>
> My reasoning: devices (and potentially services) do, or must, sometimes<br>
> use the email address as a unique identifier for a user.<br>
><br>
> For example, the FxA on Android is named by email. A service like<br>
> Bugzilla might similarly associate an external account with an FxA by email.<br>
<br>
</span>I'd prefer they didn't do this, but you're right, they often do...<br></blockquote><div><br></div><div><b>A lot of services do map to email but it makes me wonder how Facebook behaves. If I were to change my default email in Facebook, would it prevent me from logging back into services that mapped to my original FB email? Or, are they also passing to these services a uid that's independent of my email?</b><br><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<span class="gmail-"><br>
> If a new arrival can take a vacated email address, there is a chance<br>
> that they can take ownership of a service, or get consumers into a very<br>
> confusing state. If there's no benefit to taking ownership of a vacated<br>
> account, then I'd argue it's unnecessary risk.<br>
<br>
</span>A good example here is Pocket. Pocket ties your FxA to any existing<br>
Pocket account with the same email. So you could get a scenario like:<br>
<br>
* I sign up to Pocket using FxA with <a href="mailto:old@example.com">old@example.com</a><br>
* I change the address on my FxA to <a href="mailto:new@example.com">new@example.com</a><br>
* Someone else re-registers for FxA with <a href="mailto:old@example.com">old@example.com</a><br>
* They can now log into my Pocket account<br>
<br>
To be fair, if they now control <a href="mailto:old@example.com">old@example.com</a>, they could use a<br>
traditional password reset flow to access that account on Pocket, and<br>
probably also to take over a bunch of my old accounts around the web.<br></blockquote><div><br><b>Perhaps email providers have a clearly defined period of time before
which an email can be re-allocated. Perhaps we can eventually align to
their practices. </b><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
But I think I'm coming around to the suggestion that we disallow<br>
re-registration of emails, at least for the initial version while we get<br>
our heads around the broader ecosystem effects.<br></blockquote><div><br></div><div><b>I agree.</b><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div class="gmail-HOEnZb"><div class="gmail-h5"><br>
<br>
Cheers,<br>
<br>
Ryan<br>
______________________________<wbr>_________________<br>
Dev-fxacct mailing list<br>
<a href="mailto:Dev-fxacct@mozilla.org">Dev-fxacct@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/dev-fxacct" rel="noreferrer" target="_blank">https://mail.mozilla.org/<wbr>listinfo/dev-fxacct</a><br>
</div></div></blockquote></div><br></div></div>
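<p>The Pocket scenario quoted above, modelled as an added example (not code from the thread, FxA or Pocket): a toy identity provider that either lets a vacated address be re-registered or tombstones it, and a toy relying party that keys its accounts either by email (as Pocket is described doing) or by the provider's stable uid. Every name here (<code>IdP</code>, <code>RelyingParty</code>, <code>pocket_scenario</code>, the uid format) is an assumption made for illustration. The model only covers the identifier-reuse problem; it says nothing about the separate case Ryan raises, where the attacker controls the <code>old@example.com</code> mailbox itself and uses a password-reset flow.</p>

```python
"""Toy model of the 'vacated email re-registered at the IdP' account-takeover path.

Added example for illustration only; IdP/RelyingParty/pocket_scenario are
hypothetical names, not FxA or Pocket code.
"""
from dataclasses import dataclass, field
import secrets


class EmailReusedError(Exception):
    """The IdP refuses to bind this address to a (different) account."""


@dataclass
class IdP:
    """Stand-in for FxA: one stable uid per account, email is a mutable attribute."""
    allow_reregistration: bool               # the policy under discussion in the thread
    accounts: dict = field(default_factory=dict)   # uid -> current email
    email_index: dict = field(default_factory=dict)  # current email -> uid
    retired: dict = field(default_factory=dict)      # vacated email -> uid that left it

    def _available(self, email, for_uid):
        if email in self.email_index:
            return False                     # live address, never available
        prior = self.retired.get(email)
        if prior is None or prior == for_uid:
            return True                      # never used, or owner reclaiming their own address
        return self.allow_reregistration     # vacated by someone else: policy decides

    def register(self, email):
        email = email.strip().lower()        # normalise so case games cannot bypass the index
        if not self._available(email, for_uid=None):
            raise EmailReusedError(email)
        uid = secrets.token_hex(16)          # assumption: opaque random uid
        self.accounts[uid] = email
        self.email_index[email] = uid
        return uid

    def change_email(self, uid, new_email):
        new_email = new_email.strip().lower()
        if not self._available(new_email, for_uid=uid):
            raise EmailReusedError(new_email)
        old = self.accounts[uid]
        del self.email_index[old]
        self.retired[old] = uid              # tombstone, remembering who vacated it
        self.retired.pop(new_email, None)
        self.accounts[uid] = new_email
        self.email_index[new_email] = uid

    def assertion(self, uid):
        """What a relying party receives after a successful login."""
        return {"uid": uid, "email": self.accounts[uid]}


@dataclass
class RelyingParty:
    """Stand-in for Pocket: links the incoming login to an existing account by `key_by`."""
    key_by: str                              # "email" (Pocket as described) or "uid"
    accounts: dict = field(default_factory=dict)  # key -> owner label

    def login(self, assertion, actor):
        key = assertion[self.key_by]
        self.accounts.setdefault(key, actor)  # first login with this key creates the account
        return self.accounts[key]             # whose data does `actor` now see?


def pocket_scenario(allow_reregistration, key_by):
    """Replay the four steps from the thread; return who Mallory ends up logged in as."""
    idp = IdP(allow_reregistration)
    rp = RelyingParty(key_by)
    alice = idp.register("old@example.com")          # 1. sign up to Pocket via FxA
    rp.login(idp.assertion(alice), "alice")
    idp.change_email(alice, "new@example.com")      # 2. change FxA address
    try:
        mallory = idp.register("old@example.com")    # 3. someone re-registers the old address
    except EmailReusedError:
        return "registration refused"
    return rp.login(idp.assertion(mallory), "mallory")  # 4. whose Pocket account?


def owner_can_reclaim():
    """Tombstoning must not stop the original owner switching back to their old address."""
    idp = IdP(allow_reregistration=False)
    alice = idp.register("old@example.com")
    idp.change_email(alice, "new@example.com")
    idp.change_email(alice, "old@example.com")
    return idp.assertion(alice)["email"] == "old@example.com"


if __name__ == "__main__":
    print(pocket_scenario(True, "email"))    # alice  -> Mallory lands in Alice's account
    print(pocket_scenario(False, "email"))   # registration refused
    print(pocket_scenario(True, "uid"))      # mallory -> separate account, no takeover
    print(owner_can_reclaim())               # True
```

<p>Either control on its own closes the path in this model: refusing re-registration at the IdP, or having the relying party key on the uid rather than the email. The latter is the relying party's fix and does not depend on IdP policy, which is why the thread's "I'd prefer they didn't do this" matters; the former is what the thread converges on for the first version, and the <code>retired</code> map shows the one exception a practitioner has to keep (an account reclaiming its own vacated address).</p>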