[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] OpenID. The future of authentication on the web?
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] OpenID. The future of authentication on the web?
- From: Paul Schmehl <pauls@xxxxxxxxxxxx>
- Date: Sun, 23 Mar 2008 10:50:19 -0500
--On Sunday, March 23, 2008 5:18 AM -0700 Steven Rakick
<stevenrakick@xxxxxxxxx> wrote:
> Hello list,
>
> I'm curious what the group thinks about the recent
> surge in support for OpenID across the web and the
> impact it will have.
>
> 1) Beemba - http://www.beemba.com
> 2) ClaimID - http://www.claimid.com
> 3) MyOpenID - http://www.myopenid.com
> 4) Many others...
>
> These sites are gaining in popularity quickly and with
> the announcements of support from big players Yahoo,
> AOL, Microsoft and Google, combined with smaller
> web2.0 celeb-run sites like Digg, OpenID appears to
> what will eventually be the norm.
>
> Thoughts?
>
In general, I am opposed to anything that encourages people to use the same
id and password across multiple domains. The potential for complete
compromise of everything you have/own/are is too great.
Paul Schmehl (pauls@xxxxxxxxxxxx)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/