So, this looks to be a problem due to different things being called "account merge".
On one side we have
- SSO account merge
- LP account merge
and they do different things.
I will speak only about the SSO one as that's the one I know :)
When two SSO accounts get merged, the source account will get deactivated, and all of it's associated emails will get added to the target account (thus, the source account's openid will no longer be valid).
In all reported cases we found multiple SSO accounts linked to the same LP account. This possibly caused the wrong openid to be setup at the summit sites. This in turn was probably caused by LP merging the accounts without telling SSO about it, thus getting the SSO side of things out of sync.
The way to properly fix this is by having LP notify SSO by some (yet non-existing means) when two accounts need to be merged so SSO can merge their corresponding parts too.
So, this looks to be a problem due to different things being called "account merge".
On one side we have
- SSO account merge
- LP account merge
and they do different things.
I will speak only about the SSO one as that's the one I know :)
When two SSO accounts get merged, the source account will get deactivated, and all of it's associated emails will get added to the target account (thus, the source account's openid will no longer be valid).
In all reported cases we found multiple SSO accounts linked to the same LP account. This possibly caused the wrong openid to be setup at the summit sites. This in turn was probably caused by LP merging the accounts without telling SSO about it, thus getting the SSO side of things out of sync.
The way to properly fix this is by having LP notify SSO by some (yet non-existing means) when two accounts need to be merged so SSO can merge their corresponding parts too.