Simon Willison’s Weblog

HTML 5 vs. Yadis. The draft HTML5 spec currently disallows values for http-equiv and link rel which aren’t listed in the spec—meaning both methods of specifying a link to an OpenID server are invalid for HTML5. This should probably be fixed...

# 19th April 2008, 4:35 pm / html5, openid, standards, yadis

PayPal Plans to Ban Unsafe Browsers. At first I thought they were going to encourage real anti-phishing features in browsers, which would be a big win for OpenID... but it turns out they’re just requiring EV SSL certificates which have been proven not to actually work.

# 19th April 2008, 10:45 am / evssl, openid, paypal, phishing, security

OpenID for Google Accounts. Google App Engine integrates with Google’s user accounts, so Ryan Barrett (of Google) used it to build an idproxy.net style OpenID provider.

# 9th April 2008, 1:09 am / google, googleappengine, idproxy, openid, ryan-barrett

OpenID and Spam. Matt Mullenweg: “OpenID has a ton of promise for the web—let’s not hurt it by setting people up for disappointment by telling them it’s a spam blocker when it’s not.” True for the case of general registration, but I still believe whitelisting known OpenIDs could be a powerful tool for fighting spam on personal sites.

# 2nd April 2008, 7:33 pm / matt-mullenweg, openid, social-whitelisting, spam, whitelisting