[Preston] Ideas for the future

Georgina gena at mga.demon.co.uk
Sat Apr 12 20:00:22 BST 2008


Hi

Exactly, wasn't this what I was trying to say initially?  You expressed the
security advantage of Open ID in a few lines.  Which raises the question is
there enough material for a LUG meeting?

It would be just as boring as watching a kernel compile.  <smile>  Watching
someone log into a website.  Unless I'm still misunderstanding and there's
something that could be demonstrated in a LUG meeting.

Gena

-----Original Message-----
From: preston-bounces at mailman.lug.org.uk
[mailto:preston-bounces at mailman.lug.org.uk] On Behalf Of Andy Smith
Sent: 12 April 2008 19:42
To: preston at mailman.lug.org.uk
Subject: Re: [Preston] Ideas for the future


Hi Gena,

On Sat, Apr 12, 2008 at 06:50:38PM +0100, Georgina wrote:
> Well, I'm confused straight away, in respect of attempting to 
> understanding the security advantages over one ID system over another.

The way I see it:

If you use services A, B and C from different organisations, all of which
have their own authentication scheme, then you need to give and maintain
credentials at three different sites.  These credentials will be subject to
three different privacy policies and will be accessible to many people at
three different organisations.

If you use services A, B and C from different organisations, all of which
accept OpenID run by organisation D (which may be yourself), then you have
to maintain credentials with organisation D only.  A, B and C will have to
take D's word for it that you are who you say you are, and aside from the
fact that you use their services, that's all A, B and C need to know.  Your
convenience is increased and your exposure to risk is decreased.

If you want to add morals in to it, as of course everyone including me does
-- with everything -- then that's something different, but supporting some
different community for moral/ethical/political reasons is not the main
point of OpenID as a technology, in my opinion.

That doesn't stop some service switching to OpenID for these moral, ethical
or political reasons either of course.  It's just a tool..

Cheers,
Andy

-- 
http://bitfolk.com/ -- No-nonsense VPS hosting
Encrypted mail welcome - keyid 0x604DE5DB




More information about the Preston mailing list