Feed Sign in with OpenID OpenID

Simon Willison’s Weblog

MyOpenID adds Information Card Support. First client SSL certificates, now Information Cards. MyOpenID is certainly taking browser-based phishing solutions seriously.

Posted 18th October 2007 at 9:10 pm

Tagged , , , , ,

2 comments

  1. I still don't get how openid works - any spammer can create a million of openids, so you still have to create the account the first time via email check and/or captcha. From there on, of course, it's single sign on. But your 2006 tutorial implies that sites won't check the openid further, which may work now, but when (not if) spammers catch on...

    Frank, the spammer - 19th October 2007 18:38 - #

  2. Frank, OpenID solves identification, not authorisation.

    Just because a spammer can identify himself a million different ways, it doesn't mean that he is authorised a million different times.

    See this article, also by Simon:

    http://simonwillison.net/2007/Jan/10/account/

    Jim - 20th October 2007 04:27 - #

Sign in with OpenID

Auto-HTML: Line breaks are preserved; URLs will be converted in to links.

Manual XHTML: Enter your own, valid XHTML. Allowed tags are a, p, blockquote, ul, ol, li, dl, dt, dd, em, strong, dfn, code, q, samp, kbd, var, cite, abbr, acronym, sub, sup, br, pre

A django site