Proposal: An anti-phishing compromise
Josh Hoyt
josh at janrain.com
Thu Feb 1 22:35:32 UTC 2007
On 2/1/07, Paul Madsen <paulmadsen at rogers.com> wrote:
> Hi Josh, do I understand correctly that the motivation for your proposal
> is not 'fix' the phish problem, but to simply hilite it so that RPs will
> begin to put pressure on their OPs to move to something beyond passwords?
>
> If this is the case, perhaps allowing an SP to add it to its request for
> authentication would give a direct (and loggable) mechanism by which
> the RP can provide feedback to the OP product managers?
What's an SP as opposed to an RP?
Josh
More information about the specs
mailing list