Allowing all sites access
mkanat at bugzilla.org
Thu May 19 17:55:58 PDT 2005
On Wed, 2005-05-18 at 22:35 +0100, Martin Atkins wrote:
> Drama-like situations where you've had a
> falling out with someone and they want to know if you are reading their
> blog spring to mind.
This should probably also be pointed out in the specs or in some
recommendation document as a reason that people should probably not set
the identity server to trust itself.
In general -- are there privacy concerns that generally arise from
this? That is, say I trust the DeadJournal *login system*, but I don't
really trust all the DeadJournal *users*. Is there anything to be done
about that, or have I given my trust to the entire domain?
Everything Solved: Experts at Bugzilla... and everything else, too.
More information about the yadis