[OpenID board] A couple of questions regarding the security...

Per Ekström wertigon at gmail.com
Thu Jan 31 18:48:48 UTC 2008


Ah, I see. I didn't see that list, my mistake. :)

- Per

On 1/31/08, Johannes Ernst <jernst at netmesh.us> wrote:
>
> The board list is the wrong place to ask this.Please post to
> general at openid.net instead.
>
> On Jan 31, 2008, at 6:59, Per Ekström wrote:
>
> Hi. I'm quite new to this whole OpenID thing, though I do find the idea in
> itself to be wonderful. Since every little blog and photo gallery nowadays
> seems to require subscriptions, I've more or less given up on the password
> front...
>
> Anyhow, forgive me if it has been covered before, but, I tried searching
> the web for three hours and couldn't find an answer, so, I thought I should
> ask here for a concise explanation.
>
> My first question is regarding the Phishing attacks that are mentioned at
> Wikipedia [1] - Are they still valid or is it just FUD that has been
> floating around since an old version of the standard?
>
> And second - While I know Man-In-The-Middle between user and
> OpenID-provider is quite easy to stave off, what about OpenID-provider and
> the website I'm trying to log in to? Whenever man-in-the-middle discussion
> about this appears, it's always in the form of User-to-OpenID-Provider, not
> the other way around.
>
> If someone could take the time to explain this to me (or point me in the
> direction of an FAQ), so I could convince my boss to allow OpenID logins,
> I'd be very grateful. ^^
>
> Oh, and is there some sort of community icon for OpenID I could use, to
> show that our website does indeed support OpenID?
>
> Regards,
> Per Ekström
>
> [1] http://en.wikipedia.org/wiki/OpenID
> _______________________________________________
> board mailing list
> board at openid.net
> http://openid.net/mailman/listinfo/board
>
>
> Johannes Ernst
> NetMesh Inc.
>
>
>   http://netmesh.info/jernst
>
>
> _______________________________________________
> board mailing list
> board at openid.net
> http://openid.net/mailman/listinfo/board
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20080131/890b3785/attachment-0003.htm>


More information about the board mailing list