[OpenID] Possible Phishing solution?

Nic James Ferrier nferrier at tapsellferrier.co.uk
Mon Mar 5 17:21:44 UTC 2007

"Dmitry Shechtman" <damnian at gmail.com> writes:

> This is just a workaround. As long as phishers are strongly motivated (and
> they are), they will eventually overcome such obstacles. It's just like
> spam, only worse (since phishing scams are more profitable).
> I presented a (seemingly complete) cookie solution in my blog:
> http://blog.phpbb.cc/2007/01/22/yet-another-anti-phishing-idea/

The solution outlined is dependant on subjective variables.

Certificates are the only solution I can think of, see:


which is my OpenID provider giving you a certificate and:


which is another OP which uses any existing certificate you might

Nic Ferrier
Need a linux/java/python/web hacker?  I'm in need of work!

More information about the general mailing list