Full Disclosure mailing list archives
Re: OpenID. The future of authentication on the web?
From: Gorn <gorn () xs4all nl>
Date: Mon, 24 Mar 2008 11:50:10 +0100
Petko D. Petkov wrote:
Indeed but this can be a subsystem, a feature of the OpenID provider. For example, some OpenID providers have the feature to choose different persons depending on the usage. So it will be easier to safeguard a persona within one openid provider. So for example, in my current OpenID setup I have two personas. One for daily use which is completely useless and one for mission critical stuff. Although the mission critical persona is not safeguarded :) (lack of functionalities here) if such a feature is implemented, wouldn't be that much better? :)
That could be, I was more hinting to the open structure of OpenID. If you don't trust a provider choose another one. Other frameworks for online authentication/autorization don't offer this flexibility, one provider only, like passport. OpenID offers the possibility to offer competing authentication services provided by different providers. So you don't have to put all your eggs in one basket. (it is easter after all) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: OpenID. The future of authentication on the web?, (continued)
- Re: OpenID. The future of authentication on the web? John C. A. Bambenek, GCIH, CISSP (Mar 24)
- Re: OpenID. The future of authentication on the web? Larry Seltzer (Mar 24)
- Re: OpenID. The future of authentication on the web? John C. A. Bambenek, GCIH, CISSP (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)
- Re: OpenID. The future of authentication on the web? John C. A. Bambenek, GCIH, CISSP (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)
- Re: OpenID. The future of authentication on the web? John C. A. Bambenek, GCIH, CISSP (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)
- Re: OpenID. The future of authentication on the web? Gorn (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)
- Re: OpenID. The future of authentication on the web? Gorn (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)
- Re: OpenID. The future of authentication on the web? Valdis . Kletnieks (Mar 24)
- Re: OpenID. The future of authentication on the web? Paul Schmehl (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)
- Re: OpenID. The future of authentication on the web? John C. A. Bambenek, GCIH, CISSP (Mar 24)
- Re: OpenID. The future of authentication on the web? Petko D. Petkov (Mar 24)