[OpenID] Using Account Creation Date to preempt recycleable OpenID's in v.next
SitG Admin
sysadmin at shadowsinthegarden.com
Wed Dec 2 22:45:24 UTC 2009
>And not having this info still leaves us vulnerable to incorrect
>correlations (e.g., thinking that someone said something on a
>mailing list a year ago because the archives don't store the
>fragment with the author's name).
Isn't that what digital signatures are for? (Though, mailing list
archives scrub that data along with all other attachments.) Even with
the low use of digital signatures, or end-user knowledge of how to
check them, does OpenID want to extend itself into that area? It may
be within scope to *try*, but since E-mail addresses can be spoofed
anyway, how much protection would this really offer?
-Shade
More information about the specs
mailing list