Shade, Just as an aside: do you know that saying "yes" to the save password prompt can help protect you against phishing? If the browser auto-fills your password on your *real* Provider, it won't do it on a fake copy. So it's a clue to you that you're being phished.
-- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre On Mon, Dec 14, 2009 at 7:40 PM, SitG Admin <[email protected] > wrote: > Now the difficult part. We need the browser to maintain a list of the >> user's OP's with their endpoints, and the browser can ask the user which OP >> he would like to use. >> > > With due privacy settings; most browsers prompt me before "saving" my > password, GOOD browsers let me disable the prompt entirely since I know the > answer will always be "no" ;) > > > This can also be done if all OP's were to advertise to the browser, their >> endpoints whenever a user creates a new account with the OP, or when the >> user visits his home page at the OP. eg. >> > > If my OP is only identifying *me*, does it still need to advertise a > generic "all users" endpoint, or will this point be moot since all > single-user OP libraries will act no differently than multi-user OP's? > > -Shade > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
