[philipwhiuk]

> User privacy is enhanced as the issuer does not learn which web application is making the request as the request is mediated by the browser.

This seems extremely marginal. The point of verifying an email address is to subsequently use it to send email.

[callahad]

I largely agree, but I still think there's a compelling argument that blinding the issuer implicitly precludes API gatekeeping or censorship. Sites wouldn't need to pre-register with any issuer, nor could the issuer refuse to provide tokens on the basis of where they'll be used.