[OpenID] OpenID and phishing (was AnnouncingOpenIDAuthentication 2.0 - Implementor's Draft 11)
James A. Donald
jamesd at echeque.com
Mon Jan 22 21:03:45 UTC 2007
Scott Kveton wrote:
> Let's all not forget that the best part about OpenID 2.0 is that there will
> be an OpenID 2.1, 3.0 ... Maybe even XP, Vista or 2008 (I kid). Putting a
> requirement like the above on OpenID 2.0 will halt adoption ... We can't
> demand that browsers and other user agents change before we move forward
> IMHO.
Open ID cannot mandate phishing protection, since that requires UA
upgrades. It can *enable* phishing protection for suitable UAs, and
also provide best practice sample code for OPs
More information about the general
mailing list