[OpenID] An alternative OpenID UX

SitG Admin sysadmin at shadowsinthegarden.com
Wed Apr 15 23:31:51 UTC 2009


>Though without some trust mechanism with the OPs I don't know that 
>having two or three OPs say they have performed biometrical
>authentication of the user, is that much better than one.

Assume one is offline and another is malicious; for more detail, see
http://openid.net/pipermail/general/2009-January/007786.html
(Also note that multiple factors should be covered.)

-Shade



More information about the general mailing list