[OpenID] Trust + Security @ OpenID
Chris Obdam
chris.obdam at holder.nl
Tue Jul 17 10:43:54 UTC 2007
There is no public black/whitelist of OpenID providers already?
On 16-jul-2007, at 18:06, Scott Kveton wrote:
>> @Scott: You can support a centralized list of certified OpenID
>> servers, as long as it isn't part of the OpenID foundation? :-)
>
> Email has had this problem for years and the solution was the creation
> of real-time blackhole lists (RBL's). I've used these for years and
> have been so thankful they exist. However, they are not without their
> problems. Liability and litigation have caused all sorts of problems
> for RBL's ... apply this to identity and the legal minefield gets that
> much more crowded.
>
> So, my stupidly long-winded response to your question is this; I'll
> personally use a centralized list of "trusted" (<- in quotes because
> its a fully-loaded word) OpenID providers if it exists but I don't
> believe that the OpenID Foundation should advocate, sponsor, implement
> or specifically support any one.
>
> - Scott
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
More information about the general
mailing list