Petko D. Petkov wrote: > Indeed but this can be a subsystem, a feature of the OpenID provider. > For example, some OpenID providers have the feature to choose > different persons depending on the usage. So it will be easier to > safeguard a persona within one openid provider. So for example, in my > current OpenID setup I have two personas. One for daily use which is > completely useless and one for mission critical stuff. Although the > mission critical persona is not safeguarded :) (lack of > functionalities here) if such a feature is implemented, wouldn't be > that much better? :) > That could be, I was more hinting to the open structure of OpenID. If you don't trust a provider choose another one. Other frameworks for online authentication/autorization don't offer this flexibility, one provider only, like passport. OpenID offers the possibility to offer competing authentication services provided by different providers. So you don't have to put all your eggs in one basket. (it is easter after all)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
