[OpenID] FB Connect, OpenID and UX - general Security Services
Christian Scholz / Tao Takashi (SL)
tao.takashi at googlemail.com
Tue Dec 16 09:16:48 UTC 2008
On Tue, Dec 16, 2008 at 9:53 AM, Alexandru Popescu ☀
<the.mindstorm.mailinglist at gmail.com> wrote:
> On Mon, Dec 15, 2008 at 11:23 PM, Steven Livingstone-Perez
> <weblivz at hotmail.com> wrote:
>> [snip /]
>>
>> I mean building AS PART of the browsers would be the logical way to do all
>> this, but as an alternative, an approach such as that provided by these
>> existing security companies could also work well. I mean the key issue is
>> knowing that the "service" doing all of the core identity work is trusted –
>> whether that be the browser itself or an external trusted application.
>>
>
> While, I do think this might work, lets keep in mind that asking
> people to install 3rd party tools is not usually showing a high rate
> of adoption. Secondly, the more 3rd party tools you are depending on
> means a lot more places to track possible vulnerabilities.
And I think the only way to spread adoption is to actually built it
directly into the browser, not just as addon. There might also be a
trust issue involved as you usually trust your browser vendor more
than third party apps.
--
Christian Scholz
http://mrtopf.de/blog
New Podcast: http://datawithoutborders.net
More information about the general
mailing list