[IAEP] OpenID

Martin Langhoff martin.langhoff at gmail.com
Mon Aug 18 16:08:20 EDT 2008


On Tue, Aug 19, 2008 at 7:57 AM, David Farning <dfarning at sugarlabs.org> wrote:
> We have a volunteer who runs a small openID business who is willing to
> help us migrate our logins to openID.  This migration has been on our
> infrastructure todo list for a couple of months.

I've been doing quite a bit of work on Single-sign-on schemes in the
last few years. OpenID on current webbrowsers is not a secure scheme.
Until we get OpenID-modified browsers, it is a phisher's attractor.

Look up Ben Laurie's dissection of it -- and for those who don't know
who Ben is, look him up too :-)

cheers,



m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff


More information about the IAEP mailing list