Re: OpenID. The future of authentication on the web?

[Gorn <gorn () xs4all nl>]

Petko D. Petkov wrote:
> Indeed but this can be a subsystem, a feature of the OpenID provider.
> For example, some OpenID providers have the feature to choose
> different persons depending on the usage. So it will be easier to
> safeguard a persona within one openid provider. So for example, in my
> current OpenID setup I have two personas. One for daily use which is
> completely useless and one for mission critical stuff. Although the
> mission critical persona is not safeguarded :) (lack of
> functionalities here) if such a feature is implemented, wouldn't be
> that much better? :)
That could be, I was more hinting to the open structure of OpenID. If 
you don't trust a provider choose another one. Other frameworks for 
online authentication/autorization don't offer this flexibility, one 
provider only, like passport.
OpenID offers the possibility to offer competing authentication services 
provided by different providers. So you don't have to put all your eggs 
in one basket. (it is easter after all)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/