« Do iPhones Have a Place in the Enterprise? - Security Edition | Main | Financial Services Roundtable Plans for Changing the Game »

September 05, 2007


Justen Stepka

Security concerns certainly have been identified with the OpenID protocol, however given the simplicity and grass root adoption it seems the protocol is here stay. The limits of the protocol are not that much different than the phishing problems that email has... to resolve this programs like firefox have built in fraud detection which I am sure we will see in the browser and providers soon enough.

One of the things we have have done with our Atlassian Crowd OpenID server is build in whitelist and blacklist:

* http://confluence.atlassian.com/display/CROWD/3.3+Allowing+specified+hosts+only+%28%27Whitelist%27%29

Bob Blakley

Saying that OpenID is here to stay because it's been widely adopted is like saying a million Dinosaurs can't be wrong. They can. I appreciate the link to the whitelist and blacklist functionality, but it doesn't answer my question. What do you think this technology should be used for? What do you think it should not be used for?

The comments to this entry are closed.

  • Burton Group Free Resources Stay Connected Stay Connected Stay Connected Stay Connected

Blog powered by Typepad