[OpenID] OpenID and phishing (was Announcing OpenIDAuthentication 2.0 - Implementor's Draft 11)

Ben Laurie benl at google.com
Mon Jan 22 19:14:07 UTC 2007

On 1/22/07, Hans Granqvist <hgranqvist at verisign.com> wrote:
> Ben Laurie wrote:
> >> Or are you suggesting these RP profiles be consumed by the UA?
> >
> > No.
> >
> Who then?

The RP tells the OP what kinds of authentication are acceptable. So,
the profile is consumed by the OP.

More information about the general mailing list