Author Topic: OpenID compatibility (Read 1983 times)

zencocoon · « **on:** May 16, 2007, 06:30:47 pm »

Hi,

Really nice service you have out here ;-) Well done !

On my side I may like to see a possibility for the clients to use them OpenID, which could allow them to be verified without any reregistration / validation process which is never joyful.

Bon boulot ;-)
P.S. : Yes, one more French around ;-)
--
Sébastien Grosjean - ZenCocoon

WorldSpot · « **Reply #1 on:** May 16, 2007, 08:00:28 pm »

looks good...
I'll think about it.

Merci!

WorldSpot · « **Reply #2 on:** May 17, 2007, 12:16:34 am »

There are 2 problems I see about openID:
- You are not required to use SSL (man in the middle, dns hack, etc..)
- OpenID providers are not certified by an authority. A malicious user could make his own openid provider and not give any verified information like email or other things to authenticate you. Hotspot providers are supposed to authenticate hotspot users in case of illegal activities...

I would not look for a simple single sign on system, but an authentication system.

zencocoon · « **Reply #3 on:** May 17, 2007, 02:24:54 pm »

I've check fast the specification again and that's seem effectively to be an actual problem.

I totally agree than security is more important than simple sign-on, registration, ... so let's forget about OpenID until it get more secured.

News:

Author Topic: OpenID compatibility (Read 1983 times)

zencocoon

OpenID compatibility

WorldSpot

Re: OpenID compatibility

WorldSpot

Re: OpenID compatibility

zencocoon

Re: OpenID compatibility