Comments on: OpenID: Signs point to momentum http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/ Husband, father, geek, pizza maker & bacon lover Sun, 23 Nov 2008 15:39:27 +0000 http://wordpress.org/?v=2.3.2 By: identity 2.0 / Digg wprowadza OpenID http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-11142 identity 2.0 / Digg wprowadza OpenID Thu, 22 Feb 2007 11:21:56 +0000 http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-11142 [...] PS. Tak rosło OpenID w ostatnim roku (wykres oparty na liczbie stron, na których można się zalogować za pomocą OpenID). Cały wpis na blogu Scotta Kvetona jest wart przeczytania, polecam. [...] […] PS. Tak rosło OpenID w ostatnim roku (wykres oparty na liczbie stron, na których można się zalogować za pomocą OpenID). Cały wpis na blogu Scotta Kvetona jest wart przeczytania, polecam. […]

]]> By: How Open ID Will Make the Internet a Better · un/popular web culture http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10927 How Open ID Will Make the Internet a Better · un/popular web culture Tue, 20 Feb 2007 23:59:25 +0000 http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10927 [...] Open ID is making headlines all over the blogosphere, but what exactly is it and how will it help you? If you check out openid.net, you’ll see their definition: OpenID is an open, decentralized, free framework for user-centric digital identity. In English, Open ID is a free, cross-platform way to authenticate a person’s online identity. Cross platform? Yeah - the same ID for all services that support it. In Plain English, Open ID will make signing up for services on the Internet easier because you will only have one name to remember. [...] […] Open ID is making headlines all over the blogosphere, but what exactly is it and how will it help you? If you check out openid.net, you’ll see their definition: OpenID is an open, decentralized, free framework for user-centric digital identity. In English, Open ID is a free, cross-platform way to authenticate a person’s online identity. Cross platform? Yeah - the same ID for all services that support it. In Plain English, Open ID will make signing up for services on the Internet easier because you will only have one name to remember. […]

]]> By: kveton http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10900 kveton Tue, 20 Feb 2007 20:30:23 +0000 http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10900 John: the man-in-the-middle attacks can happen where ever a site is not using SSL. This is the case with any site that accepts login credentials via an insecure mechanism. Trying to replay the relying party to OpenID provider association would be difficult at best because of how the protocol is designed. <a href="http://www.myopenid.com" rel="nofollow">MyOpenID</a> (our OpenID provider) is not vulnerable to the man-in-the-middle attack. It should also be noted that we're working closely with <a href="http://kveton.com/blog/2007/02/06/cardspace-openid-working-together/" rel="nofollow">Microsoft</a> and <a href="http://kveton.com/blog/2007/01/17/openid-mozilla-sittin-in-a-tree/" rel="nofollow">Mozilla</a> to integrate OpenID into their core products to help alleviate concerns such as man-in-the-middle and phishing. John: the man-in-the-middle attacks can happen where ever a site is not using SSL. This is the case with any site that accepts login credentials via an insecure mechanism. Trying to replay the relying party to OpenID provider association would be difficult at best because of how the protocol is designed.

MyOpenID (our OpenID provider) is not vulnerable to the man-in-the-middle attack.

It should also be noted that we’re working closely with Microsoft and Mozilla to integrate OpenID into their core products to help alleviate concerns such as man-in-the-middle and phishing.

]]> By: Blog by Kveton » Digg announces OpenID support http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10898 Blog by Kveton » Digg announces OpenID support Tue, 20 Feb 2007 20:25:24 +0000 http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10898 [...] So what does this mean? It means that OpenID is happening. This in addition to the recent trends is another indication that OpenID is here to stay. [...] […] So what does this mean? It means that OpenID is happening. This in addition to the recent trends is another indication that OpenID is here to stay. […]

]]> By: john http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10889 john Tue, 20 Feb 2007 18:42:57 +0000 http://kveton.com/blog/2007/02/20/openid-signs-point-to-momentum/#comment-10889 what about the outrageous openid security problems, i.e. man in the middle attacks, which practically guarantee someone anyone could authenticate themselves as you? what about the outrageous openid security problems, i.e. man in the middle attacks, which practically guarantee someone anyone could authenticate themselves as you?

]]>