[OpenID] Replacing email verification with RSS 'push' feeds and OAuth

SitG Admin sysadmin at shadowsinthegarden.com
Wed Apr 8 05:41:37 UTC 2009

Just a quick thought on an alternative to doing this using OAuth: if 
there were AX encryption, the OP might be able to send the user back 
with their agreed-upon "reset RP account" password; the OP would then 
*know* this password, which would not be a good thing if the OP later 
turned out to be malicious, but it *would* help if the OP merely 
happened to go down.


More information about the general mailing list