[OpenID] Verisign Seatbelt "vs" ClaimOP/RP -- OpenID not so openanymore?
Ben Laurie
benl at google.com
Wed May 30 04:17:21 UTC 2007
On 5/29/07, Eric Norman <ejnorman at doit.wisc.edu> wrote:
>
> On May 29, 2007, at 6:11 PM, Recordon, David wrote:
>
> > 2) OpenID Providers are already starting to look at ways they can
> > protect their users from phishing by using authentication technologies
> > other than username and password. While OpenID thrusts the phishing
> > issue into the lime-light, it is a larger problem on the web which
> > technologists are already looking at. Options such as certificates
> > (whether they be through something like CardSpace or browser certs like
> > MyOpenID.com and Certifi.ca are doing) provide one means to help with
> > this problem.
>
> Another place you might want to look for certificates
> in the higher education community is http://www.usherca.org
>
> Although I having a hard time understanding why someone
> would want to go through the OpenID dance when the use
> of client certificates can do the same thing directly.
One obvious reason is revocation. Then only the provider has to worry about it.
>
> Eric Norman
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>
More information about the general
mailing list