[OpenID board] W3C's Social Web XG Final Report

Brian Kissel bkissel at janrain.com
Fri Oct 15 00:39:18 UTC 2010 

Good catch Nat.  Chris, is this something you could tackle?



Cheers, Brian



*Brian Kissel <http://www.linkedin.com/in/briankkissel>*

e: bkissel at janrain.com <katie at janrain.com>  |  w: 503-488-6754 x45  |  m:
503-342-2668  |  f: 503-296-5502

Follow Us:  Facebook <http://bit.ly/9CGHdf>  |
Twitter<http://bit.ly/9umxlK>  |
 LinkedIn <http://bit.ly/a7WZMC>  |  Blog <http://bit.ly/cv3WGH>

519 SW 3rd Ave, Suite 600, Portland, Oregon 97204

----------------------------------------------------------------------------------------------------------------------------

*Improve online ROI, engage your users, and build your brand with Janrain**
. **Watch the Video <http://bit.ly/99jJ1w>**.*





*From:* Nat Sakimura [mailto:sakimura at gmail.com]
*Sent:* Thursday, October 14, 2010 5:28 PM
*To:* board at openid.net; Don Thibeau (OIDF ED); Brian Kissel
*Subject:* Re: W3C's Social Web XG Final Report



Looks like we have to submit some kind of comment by this Friday.



OpenID mentioned as "Phishing Heaven" is not good.



Don, could you get in touch with them to fix those paragraphs?



I will try to send my personal comments as well.



Here is the problematic sentence:



As a server-side solution, OpenID and successor technologies have the
advantage of only relying on server-side HTTP redirects, and so in general
works independent of browsers. Very seriously, OpenID 2.0 Authentication
does not require relying parties to validate, and so has been
described as phishing
heaven <http://www.links.org/?p=187>, since it allows any OpenID-enabled
site to redirect a user to a fake OpenID provider, that then steals the
user's credentials.

On Thu, Oct 14, 2010 at 10:57 AM, Nat Sakimura <sakimura at gmail.com> wrote:

I just stumbled upon this document "Final Report - Social Web XG Wiki "

http://www.w3.org/2005/Incubator/socialweb/wiki/FinalReport#Identity

Perhaps we should locate a volunteer to help them write more
accurately about OpenID?

--
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en




-- 
Nat Sakimura (=nat)
http://www.sakimura.org/en/
http://twitter.com/_nat_en
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-board/attachments/20101014/19131df3/attachment.html>

More information about the board mailing list