I have a small thought on OpenId.. Hope it turns out into a nice discussion.. Talking about OpenId service providers, there are quite a few.. EG: LiveJournal, LaunchPad, etc..
When a site says they allow the use of Open ID to authenticate yourself, people without much thought punch in their LiveJOurnal/Launchpad id and password.. There is a huge failure in this mechanism.. How do you ensure that there is absolutely no Man in the middle collecting your info? Similarly, when you sign up for Twitter and other Web 2.0"So called" sites which let you invite your Gmail friends, people type their ids and passwords without thinking.. I know quite a few people here have invited the list to various sites BY MISTAKE.. I just want to know, how and why do you trust these sites with such information.. P.S. I have an email id which redirects to my gmail.. And i use this to signup everywhere thinking nothing much can be done with that email id.. -- Jay "Impossible Is Nothing" http://www.amonks.in
-- ubuntu-in mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-in
