On Fri, May 8, 2009 at 5:48 AM, Benjamin M. Schwartz <bmsch...@fas.harvard.edu> wrote: > People interested in $SUBJECT may enjoy > > http://almaer.com/blog/who-do-i-trust-with-my-identity-erm-how-about-me-openid-weaves-into-the-browser > > I haven't quite figured out what they're doing.
Makes sense -- it is the step that people who actually understand security (that is _not_ the OpenID designers ;-) [1] ) all insist that is required for a secure scheme to work... IOWs, promising, but I'll wait for it to pass the Ben Laurie sniff test. cheers, m [1] - That's clearly unfair, after all the attention OpenID has gotten, I'm sure they've learned something about secuity. But surely they didn't know much when they designed it. -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff _______________________________________________ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel