[OpenID - Eu] Mission Statement

Recordon, David drecordon at verisign.com
Sun Jun 3 00:00:14 UTC 2007 

Chris,
Don't get me wrong, I think testing programs are really needed!
Certification, as in paying money and being on an "approved" list, is
however something I have mixed feelings around.  I think the community
really needs tools to make sure OpenID implementations are correct and
interoperate.

--David

-----Original Message-----
From: eu-bounces at openid.net [mailto:eu-bounces at openid.net] On Behalf Of
Chris Obdam
Sent: Friday, June 01, 2007 8:08 AM
To: Martin Paljak
Cc: Snorri; eu at openid.net
Subject: Re: [OpenID - Eu] Mission Statement

Martin,

I get your point. Seeing the reactions maybe my certification ideas  
are not realistic.

Does anybody see the goodness in the whole 'certification' idea. Or  
to put it in an other way: Providers can only become a member after  
they have passed the test.
What the test rules are can be defined later..

?

Greetings,

Chris - OpenID Holland


On 1-jun-2007, at 16:30, Martin Paljak wrote:

>
> On 01.06.2007, at 17:02, Chris Obdam wrote:
>
>> I wan't people to know that when a OpenID provider is member of the
>> OpenID Europe Organisation that that provider is safe.
>
> I still don't understand how the safeness of an OpenID provider  
> differs from the safeness of a random websites where you would be  
> using that OpenID. Or what kind of safeness should be assessed ?  
> Privacy ? Authentication security ? Data security ?
>
> Or how a NGO could approve the safeness of its members and why a  
> random person should buy that claim (Sounds like 'self signed  
> certificate')
>
> This would be as good as to have Euro NCAP (the thing that tests  
> new cars) be set on the car industry 100 years ago. The safety of  
> cars has been troublesome for a long time but with the rising  
> number of cars in europe and the higher assumed safety of cars  
> actually makes EuroNCAP useful and trusted because there is a need  
> and there is trust for them (they are hopefully somewhat  
> independent). We need millions of OpenID *consumers* and after that  
> we can work on the certification. It would be like having ultrasafe  
> cars in the world with no roads otherwise.
>
> What I'm trying to say is that trust and sense of safety is  
> actually pretty personal. I don't automatically 'buy' something  
> because it claims to be the best. If the need for such  
> certification arises, it shall be filled by an *independent* party.
>
> m.
> -- 
> Martin Paljak
> http://martin.paljak.pri.ee
>
_______________________________________________
eu mailing list
eu at openid.net
http://openid.net/mailman/listinfo/eu

More information about the eu mailing list