HTTPS status
Alaric Dailey
alaricdailey at hotmail.com
Thu Mar 1 04:41:05 UTC 2007
I was going to sit here and craft a large response with rebuttals for each
of your statements, but...
At this point I think I have to be contented with the knowledge that OpenId
will be forced to change, or it will fail, this is ESPECIALLY true because
of the sudden surge in popularity.
> -----Original Message-----
> From: specs-bounces at openid.net
> [mailto:specs-bounces at openid.net] On Behalf Of Scott Kveton
> Sent: Wednesday, February 28, 2007 8:33 PM
> To: specs at openid.net
> Subject: Re: HTTPS status
>
> [snip]
>
> > Why is there such reluctance?
>
> I think there are a several reasons why:
>
> * Not everybody knows how to install/manage an SSL certificate
> * Not every web hosting company allows multiple IP's for sites
> * It wouldn't have been easy to get the adoption we're seeing
> with a MUST
> * Majority of transactions are low-value today
>
> Could we have gotten where we are today with the growth that
> we've seen _with_ a MUST? I don't think so.
>
> The providers who are really serious about security and
> identity will have SSL.
>
> - Scott
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs
>
More information about the specs
mailing list