First off, I'm very enthusiastic about OpenID and it's potential. Someone pointed me at this article, and I think the general OpenID audience should read it so we're all familiar with OpenID's weaknesses (and strengths) so we can develop it better in the future.<br>
<br><a href="http://idcorner.org/2007/08/22/the-problems-with-openid/">http://idcorner.org/2007/08/22/the-problems-with-openid/</a><br clear="all"><br>I haven't read it all yet, but it seems to me that X.509/InfoCards at the OP + raw OpenID at the RP is a killer combination that totally solves the phishing and security problems inherent in today's OpenID.<br>
<br>-- <br>Andrew Arnott