Items tagged openid in Jan, 2007
Filters: Year: 2007 × Month: Jan × openid × Sorted by date
Announcing Jyte. “Jyte is a simple service that allows you to associate claims, credibility and contacts to build a reputation with your OpenID”. The OpenID landscape is wide open for innovation like this. # 31st January 2007, 6:04 pm
XRID.net (via) Sign up for a free @xrid*something i-name by logging in with an OpenID. # 29th January 2007, 4:55 am
idproxy.net: Use your Yahoo! account as an OpenID
In an ideal world, some or all of the sites with large user databases (Yahoo!, AOL, Google, Amazon and so on) would act as OpenID providers, allowing their users to sign in to OpenID supporting sites around the Web. Until that happens, people who want to use OpenID need to sign up for Yet Another Account to do so.
[... 414 words]OpenID Enabled: OpenID Tests. Useful for checking if your OpenID consumer or server are working OK. # 27th January 2007, 10:34 am
Justin Mason: more on social whitelisting with OpenID. The author of spam assassin warns that whitelist-based trust networks are a lot harder than they look. # 26th January 2007, 1:02 am
Social whitelisting with OpenID... (plasticbag.org). Tom’s write-up of the social whitelisting idea. Lots of sceptics in the comments. # 26th January 2007, 1 am
MyOpenID: New anti-phishing tools available. Includes SafeSignIn, which removes the login form from the landing page. You have to enable it in your preferences though. # 24th January 2007, 3:02 pm
We have a unique opportunity with phishing and OpenID. OpenID can make the possibility for bad things to happen from phishing that much worse. However, having an OpenID means you create a more intimate relationship with your OpenID provider. You go there everyday. You will more likely know when something is wrong.
— Scott Kveton # 24th January 2007, 3:02 pm
Oxford Geek Nights. 8pm on the 7th of February 2007 at the Jericho Tavern in Oxford. Three 15 minute talks and a bunch of 5 minute microslots. I’ll be giving a talk on OpenID. # 22nd January 2007, 7:22 pm
Ma.gnolia Blog: OpenID is Taking Off! Since November, 15% of new Ma.gnolia members signed up using an OpenID. # 22nd January 2007, 6:41 pm
Group Membership Protocol. Martin Atkins’ proposal for a simple “is OpenID X a member of group Y?” protocol, useful for whitelists that can scale to handle large numbers of entries. # 22nd January 2007, 8:27 am
Social whitelisting with OpenID
A key feature of OpenID is that it provides a globally unique identifier for every user, no matter what site or service they are using on the Web.
[... 502 words]Anonymous OpenID. A mailinator-style service for OpenID. I’m glad someone’s built this; it reinforces the idea that an OpenID should not be trusted as an account without first using a verification step. # 21st January 2007, 2:03 am
Phishing and OpenID: Bookmarks to the Rescue? Ping extends my proposal to use bookmarks as the principle authentication mechanism, resulting in a system that is much easier for people to understand. # 21st January 2007, 1:36 am
XMPP OpenID server. An OpenID provider that sends you a Jabber message when you try to log in, to help guard against phishing. # 20th January 2007, 11:24 pm
I can also sum things up for you even more succinctly:
—users are task oriented, driving to complete the goal the
quickest way possible
—users pay more attention to the content area than the browser chrome
—users don’t understand how easy it is to spoof a website
— Mike Beltzner # 19th January 2007, 5:33 pm
Links to academic papers on phishing. Posted to the openid-general list by Mike Beltzner. # 19th January 2007, 5:32 pm
Solving the OpenID phishing problem
Most of the arguments I hear against OpenID are based on mis-understandings of the specification, but there is one that can’t be ignored: OpenID is extremely vulnerable to phishing.
[... 531 words]Planet OpenID. Aggregating news about OpenID—surprisingly high traffic. # 18th January 2007, 12:04 am
OpenID users can be just as trusty as local users. Martin Atkins makes a similar argument to my own: OpenIDs are trustworthy, provided you subject them to the same authentication steps (CAPTCHA/e-mail validation) as regular users. # 16th January 2007, 11:13 am
Firefox3/Firefox Requirements (via) OpenID and CardSpace are both listed as mandatory features. # 11th January 2007, 6:56 pm
OpenID Speech at Webtuesday Zurich. Good set of slides, along with the tidbit that local.ch (which had slippy maps years before Google) is implementing OpenID. # 11th January 2007, 3:27 pm
An OpenID is not an account!
I’m excited to see that OpenID has finally started to gain serious traction outside of the Identity community. Understandably, misconceptions about OpenID continue to crop-up. The one I want to address in this entry is the idea that an OpenID can be used as a replacement for a regular user account.
[... 601 words]OpenID Questions. I’ve attempted to provide answers in the comments. # 9th January 2007, 11:46 am
OpenID for non-SuperUsers. Sam Ruby explains the key concepts of OpenID that many first-time users tend to miss. # 7th January 2007, 10:21 pm
DjangoID. Django-based OpenID server for hosting your own (or someone else’s) identity. # 7th January 2007, 9:54 pm
More home improvements
I’ve had an offline Christmas, not entirely through choice (broadband at my Dad’s new place in rural France isn’t working yet) but welcome. I did have my laptop with me, and I’m using Bazaar for version control so being offline isn’t a barrier to checking in code. I’ve just rolled out a bunch of new features that I put together over the past few days.
[... 514 words]