Blog URI, is it necessary?
imranghory at gmail.com
Mon May 23 12:19:46 PDT 2005
> Interesting. When the user enters her URL she is granting permission
> to the site to attempt to authentication. Sites might be tempted to
> auth without permission. They might guess her URL, either because
> it's not particularly unique or because they found it via some back
> channel. hm.
The protocol allows for white-listing, i.e. the ID server can be set
to only ID to sites which have been pre-approved.
More information about the yadis