Forum OpenACS Development: Response to OIDs optional in current Postgres - whose idea was it to use them for email confirmation anyway...

Mark, AFAICS we inherited the code from the Oracle version, and I suppose OIDs were used for the sake of consistency between the Oracle and PostgreSQL versions of the toolkit.

Using a random token is a better alternative for several reasons. Here's what Gilbert Wong has to say: "I only made a few changes in the acs-subsite user pages. Most of the changes are HTML layout changes. The major change in the TCL/SQL code is the addition of a random token (and column to track it) to supplement the user email verification process. The reason I modified it was because the oid/rowid is a constant in the database and when people change their email addresses, there is no easy way to verify that the email address is still valid. So I added the random token and changed the basic-info-update page to check for a change in the email address. If it was changed, I toggle the user verified column (can't remember the exact column name) to false, log out the user, generate a secret token, and email the confirmation link. So a smart user cannot easily fool the email verification system. I also had to change the registration end too."

You might want to contact Gilbert (https://openacs.org/shared/community-member.tcl?user_id=5597). Please post back here when you resolve this.
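
The flow Gilbert describes, as an added example that is not part of the forum post and is not OpenACS code: a Python/sqlite3 model in which an email change clears the verified flag and issues a fresh random token, so the confirmation value is no longer a constant row identifier. The table, column and function names are hypothetical; storing only a hash of the token and making it single-use are additions beyond what the post describes.

```python
import hashlib, hmac, secrets, sqlite3

def open_db():
    db = sqlite3.connect(":memory:")
    # Hypothetical schema for illustration, not the OpenACS data model.
    db.execute("""CREATE TABLE users (
        user_id INTEGER PRIMARY KEY,
        email TEXT NOT NULL,
        email_verified INTEGER NOT NULL DEFAULT 0,
        token_hash TEXT)""")
    return db

def _issue_token(db, user_id):
    # Unlike an OID/rowid, this value is unguessable and changes on every request.
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()
    db.execute("UPDATE users SET email_verified = 0, token_hash = ? WHERE user_id = ?",
               (digest, user_id))
    return token  # placed only in the confirmation link mailed to the address

def register(db, email):
    cur = db.execute("INSERT INTO users (email) VALUES (?)", (email,))
    return cur.lastrowid, _issue_token(db, cur.lastrowid)

def update_email(db, user_id, new_email):
    (old,) = db.execute("SELECT email FROM users WHERE user_id = ?", (user_id,)).fetchone()
    if new_email.strip().lower() == old.strip().lower():
        return None  # address unchanged: verification status is kept
    db.execute("UPDATE users SET email = ? WHERE user_id = ?", (new_email, user_id))
    # The caller would also end the session and mail the new link.
    return _issue_token(db, user_id)

def confirm(db, user_id, presented):
    row = db.execute("SELECT token_hash FROM users WHERE user_id = ?", (user_id,)).fetchone()
    if row is None or row[0] is None:
        return False  # unknown user or no confirmation pending
    digest = hashlib.sha256(presented.encode()).hexdigest()
    if not hmac.compare_digest(digest, row[0]):  # constant-time comparison
        return False
    # Single use: clear the stored hash once the address is confirmed.
    db.execute("UPDATE users SET email_verified = 1, token_hash = NULL WHERE user_id = ?",
               (user_id,))
    return True

def is_verified(db, user_id):
    row = db.execute("SELECT email_verified FROM users WHERE user_id = ?", (user_id,)).fetchone()
    return bool(row[0])
```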