On Thu, May 29, 2008 at 8:03 AM, Kostas Georgiou <k.georgiou@xxxxxxxxxxxxxx> wrote: > > A possible solution to the phishing issue might be to only allow ssl > client auth and not a login/password for a.fp.org/accounts/openid/login > this doesn't stop the phishing site asking for a password but the > difference might be enough for the user to notice that something is > wrong. The phishing problem isn't unique to OpenID. > I am not sure that I see any value in OpenID in any case, there are very > few OpenID consumers that I know about. While OpenID is definitely an emerging technology, there are a lot of places where OpenID can be used to authenticate. Here are a couple of sites that have directories of OpenID-enabled sites: https://www.myopenid.com/directory http://openiddirectory.com/ Jeff _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
