[OpenID] Fwd: OpenID Spoofing
Dmitry Shechtman
damnian at gmail.com
Fri Jan 12 17:56:51 UTC 2007
> I don't like having to put the burden on the users to install client-side
> software. Also, there is the possibility (although remote) that a user
> could be phished to install a extension that does "bad things" as well.
> And what is there to stop other extensions you install for one thing from
> doing "bad things" with your identity?
Ditto.
> I'm really hoping that the Firefox 3.0 release will integrate OpenID in
> such a way to alleviate a lot of these risks:
>
> http://radar.oreilly.com/archives/2007/01/firefox_30_requ.html
I really hate to say it in this forum, but we (myself included) often forget
that the world isn't spinning around OpenID.
Why should an OpenID provider be a special case? Just assign it a petname,
and you're done. I'm not sure whether Petnames are expected to be part of FF
3.0, but they certainly seem to do the trick.
Regards,
Dmitry
=damnian
More information about the general
mailing list