| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <E89DA6AA3BC1F10592BA3A83@[192.168.2.101]> Date: Sun, 23 Mar 2008 10:50:19 -0500 From: Paul Schmehl <pauls@...allas.edu> To: full-disclosure@...ts.grok.org.uk Subject: Re: OpenID. The future of authentication on the web? --On Sunday, March 23, 2008 5:18 AM -0700 Steven Rakick <stevenrakick@...oo.com> wrote: > Hello list, > > I'm curious what the group thinks about the recent > surge in support for OpenID across the web and the > impact it will have. > > 1) Beemba - http://www.beemba.com > 2) ClaimID - http://www.claimid.com > 3) MyOpenID - http://www.myopenid.com > 4) Many others... > > These sites are gaining in popularity quickly and with > the announcements of support from big players Yahoo, > AOL, Microsoft and Google, combined with smaller > web2.0 celeb-run sites like Digg, OpenID appears to > what will eventually be the norm. > > Thoughts? > In general, I am opposed to anything that encourages people to use the same id and password across multiple domains. The potential for complete compromise of everything you have/own/are is too great. Paul Schmehl (pauls@...allas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists