From 3dddc0dcdf751e326a1e36e32d75e2d3db4b84f4 Mon Sep 17 00:00:00 2001
From: David Baker <dave@matrix.org>
Date: Thu, 30 Jun 2016 16:13:45 +0100
Subject: [PATCH] Explain why not erroring on dup 3pid is desireable

---
 api/client-server/registration.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/client-server/registration.yaml b/api/client-server/registration.yaml
index f6803b88..6d99aca2 100644
--- a/api/client-server/registration.yaml
+++ b/api/client-server/registration.yaml
@@ -181,6 +181,8 @@ paths:
             that the email address is already registered to an account on this server, however,
             if the home server has the ability to send email, it is recommended that the server
             instead send an email to the user with instructions on how to reset their password.
+            This prevents malicious parties from being able to determine if a given email address
+            has an account on the Home Server in question.
           examples:
             application/json: |-
               {