Google Apps availability broadcasting
SitG Admin
sysadmin at shadowsinthegarden.com
Tue Dec 15 04:51:24 UTC 2009
I can't find the list of candidates at openid.net (I might have to be
a member just to see them?), but if Peter Watkins' name is there, I
endorse him on the strength of privacy awareness (4 out of 5 posts,
recently, just left me impressed).
>Isn't there another privacy issue here -- that the central discovery service
>learns what RP sites the user visits? It's not just that I don't want any old
>RP knowing what OPs I'm logged into (OPs leaking info to RPs), I also don't
>want mega-OPs like Google discovering what RP sites I frequent (RPs leaking
>info to OPs).
So, if I follow some link (or am in an embedded iframe) to read an
article that happens to be on the NRA's website, Google (if acting as
my OP) could then receive a notice that I might want to *log into*
the NRA's website, misprofiling me and serving up targeted
advertisements based on my apparent interests? (Change each instance
of "NRA" to something embarrassing and/or NSFW to get me ostracized
and/or fired.)
-Shade
More information about the specs
mailing list