[OpenID] openid query
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Fri Feb 29 20:50:58 UTC 2008
Martin Paljak wrote:
> EV certs seem to me like a 'moneymaking patchwork to fix web PKI'.
Yes
>
> Lets say you trust OpenID.ee to do the right thing.
The problem is, that I might trust your OpenID provider today, however I
don't know how you are performing in the future. Additionally, supposed
there will be OPs as there are mail servers today (i.e. many), how do I
have the slightest chance to even monitor these? And then, I haven't
seen any policy like statements of any OpenID provider which would let
me KNOW about what's implemented nor has any provider been confirmed by
a third party attestation about its implementations. Please correct me
if I'm wrong.
In that sense, PAPE is the standard providing us with a vehicle how to
provide such informations upon request, the actual "trust" issue still
has to be resolved.
>
>
>
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080229/47ab26c9/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7282 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080229/47ab26c9/attachment-0002.bin>
More information about the general
mailing list