[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] OpenID. The future of authentication on the web?

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] OpenID. The future of authentication on the web?
From: fabio <ctrlaltca@xxxxxxxxx>
Date: Sun, 23 Mar 2008 17:36:10 +0100

There're more complications: who owns/controls the service can track 
down your movements between different webplaces, profiling your common 
habits/preferences. How long before banners will follow your navigation 
trough different websites where you use the same identity token?

CtrlAltCa

Paul Schmehl wrote:
> 
> In general, I am opposed to anything that encourages people to use the same 
> id and password across multiple domains.  The potential for complete 
> compromise of everything you have/own/are is too great.
> 
> Paul Schmehl (pauls@xxxxxxxxxxxx)
> Senior Information Security Analyst
> The University of Texas at Dallas
> http://www.utdallas.edu/ir/security/
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] OpenID. The future of authentication on the web?
  - From: Steven Rakick
- Re: [Full-disclosure] OpenID. The future of authentication on the web?
  - From: Paul Schmehl

Prev by Date: Re: [Full-disclosure] OpenID. The future of authentication on the web?
Next by Date: Re: [Full-disclosure] OpenID. The future of authentication on the web?
Previous by thread: Re: [Full-disclosure] OpenID. The future of authentication on the web?
Next by thread: Re: [Full-disclosure] OpenID. The future of authentication on the web?
Index(es):
- Date
- Thread