[OpenID - Eu] Mission Statement of OpenID Europe
Andrew Tominson
adt at cannontomlinsonbyrne.com
Fri May 18 14:30:59 UTC 2007
I am new here so apologies if I am retracing old ground... caught the tail
of this thread and it seems to me a "secure certification model" can mean a
variety of things and not all of them are useless.
OpenID is newsworthy here in the UK with the BBC picking up a couple of
stories, but there is no call to action. It is very much "ooh look -
interesting technology coming up". This needs to be converted to "here is a
technology which can be used right now and go to this place to use it
today".
Some form of logo scheme could help with to link in and jump off to where it
can be used. Some bureaucracy to get this up and running might yield faster
uptake and help get a critical mass.
The other area that worries me is standards compliance. With 2.0 on the way
the challenge of distinguishing which features will work where and what it
all means. Logos could help here too... (cf HTML Verified logos)
Trust of the IdP/RP is a hard problem OpenID isn't designed to solve.
Phishability of the IdP is also omitted so it can't even be said that IdPs
are "secure" just by implementing the standard. However, aiding compliance
and uptake of OpenID as-is is another issue where inroads can be made.
Andrew Tomlinson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-eu/attachments/20070518/3eaaa9ed/attachment-0002.htm>
More information about the eu
mailing list