On 4/24/09 11:50 AM, Zachary Voase wrote: > On Apr 24, 5:20 pm, Luca Mearelli<[email protected]> wrote: >> > I'd say that if the application has the concept of an identity it >> > should be a sensible practice to generate it beforehand and educate >> > its users to recognize it (it would work as an anti-phishing measure). > > Isn't it better to spend the time and effort educating users on when > to give access to third party applications and when to deny it?
Any "solution" that depends on "educating users" is already doomed to fail. -- Dossy Shiobara | [email protected] | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
