Currently browsing tag

openid, Page 2

OpenID et al Security Economics

Steven J. Murdoch and Ross Anderson, in the very worthwhile “Verifi ed by Visa and MasterCard SecureCode: or, How Not to Design Authentication” assert: While other single sign-on schemes such as OpenID, InfoCard and Liberty came up with decent technology they got the economics wrong… To which I can only respond: “you wish. We don’t have…

OpenID Connect? Messina vs. Obasanjo

Chris Messina thinks the OpenID brand should come to mean a package of a number of related “Open Stack” technologies, called OpenID Connect, and start to compete with Facebook Connect. Dare Obasanjo disagrees: he thinks we only need an OpenID Connect if there were multiple incompatible implementations of Facebook Connect-like products from multiple players, to…

Another Decade, Time for One More Blog

What’s the next decade going to be like in technology? I found myself pondering this a lot recently. It seems we are in for very revolutionary changes … like the becoming irrelevance of the PC. Or the move to NoSQL. Or all web apps being connected to each other, with RSS/Atom and OpenID being the…

From 1 to a billion in 5 years. What a little URL can do.

It was at the end of 2004 when I decided to start telling the world about this silly little idea I had had about a year before: give every person on the internet a URL that they could use to identify themselves to any website. Fully decentralized, no permission needed from anybody, under control of…

The Credentialed Account Provisioning Anti-Pattern

I wanted to write about this for a long time. A wait in the doctor’s office has its uses … Here is an example scenario from the real world: Like many schools these days, my son’s school has a website where teachers enter current assignments and grades, and students and parents like me can check…