[sldev] OpenID vs. current proposal vis a vis security

Jason Giglio gigstaggart at gmail.com
Sun Sep 30 00:56:01 PDT 2007


Harold Brown wrote:
> You're right.  OpenID will not be any better then what LL's proposed.  
> You still have a login and password that will have to be entered 
> somewhere.  And by all rights OpenID can be a greater security risk then 
> the Authentication Method proposed as you may have many other sites tied 
> to that OpenID. 

To be entirely blunt: OpenID is an aborted fetus of an idea that sprung 
up when MS was spending many thousands of dollars pimping Passport as if 
it was going to be the "new way to do things on the Internet".

Passport washed out for the most part, and OpenID even more so.

For OpenID to even work here, Linden Lab would have to be the only 
acceptable IDP, negating the supposed benefits of decentralization, and 
making the whole exercise pointless.

Any one of you that knows me knows that I am militant when it comes to 
choosing an existing open source solution where possible, but when it 
doesn't really solve anything, there's no point in choosing it.

-Jason


More information about the SLDev mailing list