[OpenID] OpenID and phishing (was Announcing OpenIDAuthentication 2.0 - Implementor's Draft 11)
Hans Granqvist
hgranqvist at verisign.com
Fri Jan 19 18:46:13 UTC 2007
Ben Laurie wrote:
> ...
> I do not agree that its not an issue for the spec. As it stands, the
> spec completely washes its hands of this issue, and I don't think
> that's acceptable.
>
What I don't get is why everyone seemed to not care when
we were discussing "OpenID security profiles" a few months
ago.
I whined a bit about that here:
http://commented.org/blog/2007/1/19/openid-and-phishing.html
-Hans
More information about the general
mailing list