One further thought on Kerberos: as far as I know, Kerberos is a minimal implementation - nothing simpler than this actually works in the real world, and the Kerberos operating environment is a bit simpler than what is being discussed in some instances here, in terms of managing the language of what access permissions are being granted by this sign-on event.
One thing I'd like to suggest we examine is personal customization as a way to prevent phishing. For example, say that my OpenID service provider serves pages to me over HTTPS, and furthermore allows me to upload my own color preference and background images. Now, nobody who isn't logged in as me can see my image and colors, so if somebody tries to mount Man In The Middle, they can't get access to my images etc. and the page will look all wrong. Sounds dumb but it might actually work pretty well in practice... But the key is that those images have to be private, so that the foe can't spider the page and show you a copy.

Vinay

--
Vinay Gupta - Designer, Hexayurt Project - an excellent public domain refugee shelter system
Gizmo Project VOIP: 775-743-1851 (usually works!)
Cell: Iceland (+354) 869-4605
http://howtolivewiki.com/hexayurt - old
http://appropedia.org/Hexayurt_Project - new
Skype/Gizmo/Gtalk: hexayurt
I have a proof which unfortunately this signature is too short

_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
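The private-image requirement from the message above, as an added example that is not from the original post or from any OpenID provider: a weak handler keys the personalization image by a username in the URL, so an unauthenticated crawler can fetch and copy it, while the hardened handler serves it only to a request carrying a valid session token. The `Request`, `Session`, `login` and the sample image bytes are constructed assumptions for the demonstration.

```python
import secrets
from dataclasses import dataclass, field

# Constructed sample data: one user's private background image and colour,
# plus the generic image every anonymous visitor sees.
PERSONALIZATION = {
    "alice": {"image": b"\x89PNG...alice-background", "color": "#336699"},
}
GENERIC_IMAGE = b"\x89PNG...generic"

@dataclass
class Session:
    user: str

@dataclass
class Request:
    path: str
    cookies: dict = field(default_factory=dict)

SESSIONS: dict = {}  # session token -> Session (assumed in-memory store)

def login(user: str) -> str:
    """Issue an unguessable session token after authentication (auth itself elided)."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = Session(user=user)
    return token

def weak_image_handler(req: Request) -> bytes:
    """Weak: the image is addressed by username in the URL, so anyone who knows
    or guesses the username can fetch it and reproduce the personalised look."""
    prefix = "/img/"
    user = req.path[len(prefix):] if req.path.startswith(prefix) else ""
    return PERSONALIZATION.get(user, {}).get("image", GENERIC_IMAGE)

def private_image_handler(req: Request) -> bytes:
    """Hardened: the image is bound to the authenticated session, not the URL.
    Without a valid session cookie the caller only ever gets the generic image."""
    session = SESSIONS.get(req.cookies.get("session", ""))
    if session is None:
        return GENERIC_IMAGE
    return PERSONALIZATION[session.user]["image"]
```

Serving this over HTTPS, as the message requires, is what keeps the session cookie and the image bytes off the wire in the clear; the handler logic alone does not provide that.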