[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OpenID



Jeffrey Tadlock wrote:
The phishing problem isn't unique to OpenID.

No, it isn't unique to OpenID - but it is certainly an area we should
take into account before implementing OpenID.

With all of that said - I like the OpenID idea.  And we run other
services that have potential exposure to security issues (ssh, just
our normal FAS logins, etc) - but we do make efforts to protect those
services to the best of our ability to reduce our risk.

... and we should actually look at using our SSL certs more for authentication as opposed to requiring people to type their FAS password all over the place. This is something I keep meaning to bring up but then having other stuff come up instead.

But that's neither here nor there wrt OpenID

Jeremy


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]