[OpenID] An OpenID "mobile" Hint?
Johannes Ernst
jernst+openid.net at netmesh.us
Fri Jun 6 22:09:19 UTC 2008
Yes -- as always if you list multiple OPs in the same XRDS file.
In this case, the only alternative seems to be "does not work" (i.e.
user cannot log on from the mobile phone)
Or am I not understanding you?
On 2008/06/05, at 18:07, Josh Hoyt wrote:
> On Thu, Jun 5, 2008 at 9:16 AM, Johannes Ernst
> <jernst+openid.net at netmesh.us> wrote:
>> The scenario is that I have a preferred OP on the PC-class device
>> that I
>> like because, say, it has a hardware device attached to it for
>> security
>> purposes.
>>
>> Now I'd like to log on, with the same identifier, from my iPhone
>> that does
>> not have the same hardware device attached: I will be redirected to
>> the OP
>> that then cannot authenticate me.
>
> Doesn't this severely compromise the security provided by the hardware
> device unless a similarly strong measure can be used on the phone?
>
> Josh
More information about the general
mailing list