OpenID

[Jeffrey Ollie]

On Thu, May 29, 2008 at 8:03 AM, Kostas Georgiou
<k.georgiou at imperial.ac.uk> wrote:
>
> A possible solution to the phishing issue might be to only allow ssl
> client auth and not a login/password for a.fp.org/accounts/openid/login
> this doesn't stop the phishing site asking for a password but the
> difference might be enough for the user to notice that something is
> wrong.

The phishing problem isn't unique to OpenID.

> I am not sure that I see any value in OpenID in any case, there are very
> few OpenID consumers that I know about.

While OpenID is definitely an emerging technology, there are a lot of
places where OpenID can be used to authenticate.  Here are a couple of
sites that have directories of OpenID-enabled sites:

https://www.myopenid.com/directory
http://openiddirectory.com/

Jeff