[OpenID] OpenID and phishing (was Announcing OpenIDAuthentication 2.0 - Implementor's Draft 11)
Gabe Wachob
gabe.wachob at amsoft.net
Fri Jan 19 18:43:02 UTC 2007
Regarding anti-phishing & IE - isn't that one of the main design goals of
Cardspace?
Scenario: Login to your OP with Cardspace and not worry about phishing?
My only point here is that I think the IE people probably think they *have*
a solution, which may or may not be appealing to people here.
-Gabe
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Scott Kveton
> Sent: Friday, January 19, 2007 10:02 AM
> To: Ben Laurie
> Cc: openid-general
> Subject: Re: [OpenID] OpenID and phishing (was Announcing
> OpenIDAuthentication 2.0 - Implementor's Draft 11)
>
> >> do you have any
> >> suggestions on how to combat phishing for OpenID's?
> >
> > a) Push browser authors to add unphishable auth!
>
> This is starting to happen (with Mozilla anyways). Anybody know the IE
> developers?
>
> > I intend to write some more on mitigation soon.
>
> Great ... Please link to the post here ... Would love to hear your
> thoughts
> on this.
>
> - Scott
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
More information about the general
mailing list