Hi

I am looking into openid and dotnetauthentication library. However I still go some outstanding questions.

1. the id that comes back is that unique for each user? Can I store this id in a database as the userId(currently this field is a primary key and unique identifier)

2. I read that you can try to request information such as email address but you may not give it to you. What happens if you need this information?

I think it kinda sucks if I have to popup another field right away and ask for their email address and whatever else fields I need. Sort of seems to defeat the purpose a bit as I always considered a benefit of openid is that you don't have to fill out registration forms.

1. Is it better to only have some predefined choices(google,yahoo,openid,facebook). Then letting them type in their own ones(ie gray out the field to let them type in a url).

I am thinking of this because it goes back to point number 2 if they type in a provider that does not give me the information that I need I am then stuck.

1. How do you a log person out? Do you just kill the form authentication ticket?