LJ munging OpenID comments?
Evan Martin
martine at danga.com
Mon Sep 19 20:55:51 PDT 2005
On 9/19/05, Kurt Raschke <kurt at raschke.net> wrote:
> The main reason I use OpenID with LJ is so that I don't have to get
> another account, and remember another username, just so that I'm not
> "anonymous" and treated as such by the site. But if LJ is going to
> treat OpenID-authenticated users the same as anonymous users, then
> what's the point?
OpenID users really are basically the same as anonymous users. All it
takes is one public OpenID server that'll auth anyone (and I believe
one already exists) and it's back to spamland.
The point is that you can verify your identity to the extent that you
own a URL (and the server you delegate your identity can be trusted,
but that's your identity's choice to make). Just because someone has
a driver's license doesn't mean they're more trustworthy than someone
without one. (Or: as the OpenID page says, "This is *not* a trust
system.")
LJ can do its own verifications on users to be more secure about who
they are -- for example, I know that any new LJ user has passed a
CAPTCHA and that LJ has likely logged all sorts of data about them.
More information about the yadis
mailing list