Allowing all sites access

Max Kanat-Alexander mkanat at
Thu May 19 17:55:58 PDT 2005

On Wed, 2005-05-18 at 22:35 +0100, Martin Atkins wrote:
> Drama-like situations where you've had a 
> falling out with someone and they want to know if you are reading their 
> blog spring to mind.

	This should probably also be pointed out in the specs or in some
recommendation document as a reason that people should probably not set
the identity server to trust itself.

	In general -- are there privacy concerns that generally arise from
this? That is, say I trust the DeadJournal *login system*, but I don't
really trust all the DeadJournal *users*. Is there anything to be done
about that, or have I given my trust to the entire domain?

Everything Solved: Experts at Bugzilla... and everything else, too.

More information about the yadis mailing list