WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OpenID and the web

From: Eric Marden <security () xentek net>
Date: Tue, 25 Mar 2008 21:23:08 -0400
Personally, I don't see the use. Its just as much trouble to configure it for the supporting sites, as it is sign up for that site in the first place. Most of the people that support it now, I already have 'regular' accounts for, and no compelling reason to switch it - especially if I'm in a hurry (which like most of us, is all the time).
And while support surges - I don't see adoption picking up the same way. Only my geek friends know about it, and even less of those people even use it.
Unlike passport and other big splashes in this space, at least its more of an open system. Passport (which was first code named hailstorm) never really made it past Microsoft's gates, and eventually just morphed into MS's Live ID today... in other words, their single- sign-on solution for their own network of web stops). But like another poster indicated it was a lot of press with out a long lasting impact. 

Maybe Open ID is different, but I haven't been impressed yet.


Eric Marden
xentek: enlightened internet solutions
http://xentek.net/

On Mar 23, 2008, at 8:15 AM, Steven Rakick wrote:

Hello list,

I'm curious what the group thinks about the recent
surge in support for OpenID across the web and the
impact it will have.

1) Beemba - http://www.beemba.com
2) ClaimID - http://www.claimid.com
3) MyOpenID - http://www.myopenid.com

These sites are gaining in popularity quickly and with
the announcements of support from big players Yahoo,
Microsoft and Google, combined with smaller web2.0
celeb-run sites like Digg, OpenID appears to what will
eventually be the norm.

Thoughts?

I've also noticed that many of these sites are
bundling Information Card support (CardSpace on
Windows). Sounds like a good idea as it compliments
OpenID and helps address some weaknesses.

Again, any thoughts?

I'm really just interested in a dialog.

-sr
____________________________________________________________________________________ 
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ


-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------




-------------------------------------------------------------------------
Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! 
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: