MySpace OpenID Popup spotted in the wild

[Brendan O'Connor]

On Fri, May 1, 2009 at 1:35 PM, Johannes Ernst
<jernst+openid.net at netmesh.us> wrote:

> If we could get the browser developers to add anything we wanted to their
> browsers, what *exactly* would we want them to implement?
> This is not outlandish. The Mozilla folks asked repeatedly in the past (and
> we never knew what to say in response) and the security of a billion OpenIDs
> is not a set of user requirements that's easily dismissed either.
> It appears that it would be some kind of user interface element (think
> "popup" for a minute) that could display the OP's authentication ceremony.
> But where the browser would somehow "certify" that it was not a phishing
> attempt and came from one of the user's trusted OPs. In a way that is better
> than having the user to do a string compare on the URL shown in the address
> bar.
> What would such a user interface element look like? That's not limited to
> what we can do without cooperation from the browser guys.
> In Firefox, it could be sitting in the side bar for example. (where the
> bookmarks are) Or ...?

Why not Seatbelt? I mean, naturally, a reimplemented version, but it
seems to solve the UI/UX issues pretty nicely. It just sits quietly
down in my status bar, and only pops up if I try to log in somewhere--
and it always displays my current logged in / logged out status. And
it can be configured for any OP.

<https://addons.mozilla.org/en-US/firefox/addon/5133>

---Brendan O'Connor