Simon Willison’s Weblog

App Engine at Google I/O 2010. OpenID and OAuth are now baked in to the AppEngine users API. They’re also demoing two very exciting new features—a mapper API for doing map/reduce style queries against the data store, and a Channel API for building comet applications. # 20th May 2010, 3:30 pm

OpenID phishing demo (via) A demonstration of the OpenID man-in-the-middle phishing attack. idproxy.net OpenIDs are immune to this particular variant due to the landing page not asking for your password (the phishing site could still provide their own redesigned landing page and hope users don’t notice though). # 28th May 2008, 8:09 am

Byteflow Blog Engine. This looks like the most full-featured of the Django blog engines by a pretty big margin, including OpenID client and server support. A product of the growing Russian/Ukrainian Django community. # 11th May 2008, 7:41 pm

SourceForge Allows OpenID Logins. Excellent—SourceForge is the kind of site that I log in to infrequently enough to always forget my password (and indeed username) making OpenID a great fit. # 1st May 2008, 1:05 pm

Web Security for Estonia—OpenID. “Every Estonian eID holder (around 80% of Estonian population) has an unique OpenID with the format open.id.ee/[firstname].[lastname](.number)” # 24th May 2007, 3:56 pm

OpenID for all Estonians. 1.37 million Estonians will soon have OpenIDs, secured using smart cards. I’d like to hear more about how the smart cards help tackle phishing. # 24th May 2007, 3:55 pm

Ten Reasons The World Needs Patent Covenants (via) Sun just made their OpenID patent covenant official. Simon Phipps explains why these are a Good Idea. # 22nd May 2007, 5:09 pm

Sun Microsystems Announces OpenID Program (via) “In order to explore the boundaries of OpenID as a trust system, Sun is offering an OpenID Provider service to its 34,000 employees.” # 7th May 2007, 8:23 pm