[IAEP] OpenID

[David Farning]

On Tue, 2008-08-19 at 08:08 +1200, Martin Langhoff wrote:
> I've been doing quite a bit of work on Single-sign-on schemes in the
> last few years. OpenID on current webbrowsers is not a secure scheme.
> Until we get OpenID-modified browsers, it is a phisher's attractor.
> 
> Look up Ben Laurie's dissection of it -- and for those who don't know
> who Ben is, look him up too :-)
> 
Some links about Ben.

http://en.wikipedia.org/wiki/Ben_Laurie

http://www.links.org/?p=187

Martin, Seth is this something you would like to follow up on?  If not,
I will let him know and move the openid task from our todo to our
deferred list.

thanks
dfarning