[security] Who bears the risk..
Johannes Ernst
jernst+openid.net at netmesh.us
Fri Oct 27 02:32:23 UTC 2006
On Oct 26, 2006, at 19:16, Dan Lyke wrote:
> For instance, I may present random OpenID users with a CAPTCHA type
> puzzle the first time they log in, but I could skip that step if their
> Identity Provider appears to be someone whom I belive has already
> adequately verified that they're a human being.
I'd really hate it if that happened. Because I -- speaking about
myself -- would like to have a piece of software do a lot of things
for me, using my identity (and me being responsible for its actions).
If OpenID was only usable by people, a very big chunk of its
attractiveness would disappear for me ...
For example, I'd like it to log into that for-$ news site for me and
pull down the 10 most recent articles so I can put them onto my
laptop to read on the next flight. (or whatever, you get the point,
there are many cases like this one where I'm not operating a browser
right then and there ... ).
Johannes Ernst
NetMesh Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pastedGraphic.tiff
Type: image/tiff
Size: 1962 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061026/39473057/attachment-0002.tiff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lid.gif
Type: image/gif
Size: 973 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061026/39473057/attachment-0002.gif>
-------------- next part --------------
http://netmesh.info/jernst
More information about the security
mailing list