[security] Nonrepudiation, and Trusting OpenID Providers

SitG Admin sysadmin at shadowsinthegarden.com
Thu Dec 10 15:50:19 UTC 2009


(I should also add that OpenID doesn't actually solve the corruption 
problem; it just gives you a way to switch OPs *after the fact* so 
you can prevent further access. This really doesn't help for 
situations where all the attacker needed was one-time access, or they 
exploit the RP's feature to "disable old accounts that will be 'at 
risk' soon".)

-Shade

