Has anyone looked into Yahoo's "sign-in seal"? Basically it's a piece of custom text or image that you can upload and it will show up on the login page every time you try to login. If you don't see your "seal" when logging in, you might be getting phished (or someone might have cleared the cookies from your browser). It's similar in concept to the Ph-Off extension, but it works through cookies. I'm not familiar with the inner workings of it, but it sounds like a good idea for IdPs to implement.<br><br><b><i>Dmitry Shechtman <damnian@gmail.com></i></b> wrote:<blockquote class="replbq" style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> Now that we've established that by "OpenID spoofing" nobody meant anything<br>more than plain phishing, I think I found a solution:<br><br>http://blog.phpbb.cc/2007/01/12/external-authentication-and-otp/<br><br>Any comments are welcome (first-timer
moderation).<br><br><br>Regards,<br>Dmitry<br>=damnian<br><br>_______________________________________________<br>general mailing list<br>general@openid.net<br>http://openid.net/mailman/listinfo/general<br></blockquote><br><p> 
<hr size=1>Expecting? Get great news right away with <a href="http://us.rd.yahoo.com/evt=49982/*http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html">email Auto-Check.</a><br>Try the <a href="http://us.rd.yahoo.com/evt=49982/*http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html">Yahoo! Mail Beta.</a>