A few thoughts
Paul Crowley
paul at ciphergoth.org
Thu Jun 2 00:47:11 PDT 2005
Benjamin Yu wrote:
> 2. I would like to put in 2 cents in favor of finding a
> simplified login id, on the order of user at domain. This just
> seems easier for non-techies to understand.
user at domain.com should be equivalent to http://www.domain.com/~user/
> 3. Is openid's answer to dns poisoning dns sec?
I think it's "running the latest DNS servers". OpenID isn't meant to be
more secure than logging in to LiveJournal itself. For a higher-value
system, SSL would provide protection against DNS poisoning, and works
well with OpenID.
DNSSEC would work if everyone who was issued a domain got a DNSSEC
certificate, and that would do a lot to improve the cryptographic
security of various things, but would remove a huge revenue stream for
certain ICANN members.
--
__
\/ o\ Paul Crowley, paul at ciphergoth.org
/\__/ http://www.ciphergoth.org/
More information about the yadis
mailing list