[OpenID] What are openids weaknesses?
Patrick Aljord
patcito at gmail.com
Sat Sep 1 19:38:00 UTC 2007
Hey all,
I'm doing a presentations and I need a little more information about
OpenId weaknesses and how they are being addressed.
I know there is this draft to fight against phishing:
http://openid.net/specs/openid-provider-authentication-policy-extension-1_0-01.html
If you have other links or information, please sent it.
Also, most people doing presentations on openid talk about how
facebook and the like should use openid. But openid doesn't support
HTTP authentication so people that want to use eg facebook API would
have to use another authentication system which would defeat the
purpose of openid (as each system would have its own account system).
Is this being worked on also? I saw a draft
http://openid.net/wiki/index.php/REST/SOAP/HTTP_Bindings but it seems
pretty old. Are there people working on it such as sxip.com or
something? Any information welcome here too.
Thanx in advance
Pat
More information about the general
mailing list