On 2011-03-31 5:59 AM, John Bradley wrote:
The problem is how do you not trust them without breaking significant parts of
the internet.
Yurls.
Yurls can be implemented by changing the browser, without changing the
server - starting point being Chrome, since that is on Git, hence easier
to fork.
To implement zero knowledge logins, need to change both browser and
server - starting point being apache and chrome.
An internet with yurls and zero knowledge logins would render the CA's
largerly irrelevant.
_______________________________________________
security mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-security
