[OpenID board] A couple of questions regarding the security...

Johannes Ernst jernst at netmesh.us
Thu Jan 31 17:07:50 UTC 2008


The board list is the wrong place to ask this.
Please post to general at openid.net instead.

On Jan 31, 2008, at 6:59, Per Ekström wrote:

> Hi. I'm quite new to this whole OpenID thing, though I do find the  
> idea in itself to be wonderful. Since every little blog and photo  
> gallery nowadays seems to require subscriptions, I've more or less  
> given up on the password front...
>
> Anyhow, forgive me if it has been covered before, but, I tried  
> searching the web for three hours and couldn't find an answer, so, I  
> thought I should ask here for a concise explanation.
>
> My first question is regarding the Phishing attacks that are  
> mentioned at Wikipedia [1] - Are they still valid or is it just FUD  
> that has been floating around since an old version of the standard?
>
> And second - While I know Man-In-The-Middle between user and OpenID- 
> provider is quite easy to stave off, what about OpenID-provider and  
> the website I'm trying to log in to? Whenever man-in-the-middle  
> discussion about this appears, it's always in the form of User-to- 
> OpenID-Provider, not the other way around.
>
> If someone could take the time to explain this to me (or point me in  
> the direction of an FAQ), so I could convince my boss to allow  
> OpenID logins, I'd be very grateful. ^^
>
> Oh, and is there some sort of community icon for OpenID I could use,  
> to show that our website does indeed support OpenID?
>
> Regards,
> Per Ekström
>
> [1] http://en.wikipedia.org/wiki/OpenID
>
> _______________________________________________
> board mailing list
> board at openid.net
> http://openid.net/mailman/listinfo/board

Johannes Ernst
NetMesh Inc.


   http://netmesh.info/jernst

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20080131/35c2b4c5/attachment-0003.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openid-relying-party-anonymous.gif
Type: image/gif
Size: 903 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20080131/35c2b4c5/attachment-0006.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 977 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20080131/35c2b4c5/attachment-0007.gif>


More information about the board mailing list