jeff at ocjtech.us
Thu May 29 13:17:08 UTC 2008
On Thu, May 29, 2008 at 8:03 AM, Kostas Georgiou
<k.georgiou at imperial.ac.uk> wrote:
> A possible solution to the phishing issue might be to only allow ssl
> client auth and not a login/password for a.fp.org/accounts/openid/login
> this doesn't stop the phishing site asking for a password but the
> difference might be enough for the user to notice that something is
The phishing problem isn't unique to OpenID.
> I am not sure that I see any value in OpenID in any case, there are very
> few OpenID consumers that I know about.
While OpenID is definitely an emerging technology, there are a lot of
places where OpenID can be used to authenticate. Here are a couple of
sites that have directories of OpenID-enabled sites:
More information about the Fedora-infrastructure-list