[OpenID] Live Icons for visual recognition of IDP logos

SitG Admin sysadmin at shadowsinthegarden.com
Thu Apr 2 03:17:49 UTC 2009


>Agreed. I'd vote for the first mitigating option: RPs allow users to 
>easily bind multiple OpenIDs to an account.

I prefer this, too. I do think that the "SINGLE sign on" part of 
OpenID may eventually become non-viable, as OpenID becomes used for 
banks and other RP's that everyone needs to interact with but who 
can't, for security, allow users to use the same credentials with all 
their different OP's. (This would not be a problem for any one of 
those OP's going belly-up, but *would* be a problem when worrying 
about one of them turning hostile, one of them being compromised, or 
the user's smart-card being stolen.)

-Shade



More information about the general mailing list