[OpenID] Automating the user's selection of OP
sysadmin at shadowsinthegarden.com
Tue Apr 21 20:51:25 UTC 2009
>While we can't ever get away from the need to support "dumb browser"
>experiences, in my mind it makes more sense to optimize for an
>"identity agent" aware device while not precluding the "dumb
Ideally, we could use *both* techniques in parallel; dumb browsers
wouldn't have protection against the attack methods yet, and we
wouldn't *need* them for smart browsers. But we're going to see users
with Privacy addons that leave us in the worst of both worlds (smart
enough for the attack tricks not to work, but not smart enough to
handle OpenID automatically), so we'll still need to have *some* kind
of generic interface as a fallback.
More information about the general