2008/12/4 Martin Langhoff <[EMAIL PROTECTED]>: > So we are aiming for moderate security. Also note that OpenID is in > the conversation, and that is _not_ a particularly secure protocol > (see the archive, and the many _many_ very good posts from Ben Laurie > here and on his blog on the matter). OpenID is somewhat standard > though ;-)
Martin, I looked this up. Actually, his only argument that I could find it suposedly makes phishing easier. I must really disagree. First, OpenID admittedly does not address this. Neither does email. Its out of scope. It is expected that browsers will warn about funky phishing attempts (makes sense). Of course Browse hiding the address does not help too much, except: Second, and more importantly, if we do this right, his description of the problem does not bite us because a child is already logged in by the time he goes outside to the wild phishing monster filled world. If the fake OpenID sends you to a fake user/pass page (weren't we discussing passwordless?) - it should be suspicious since he'll know he's already logged in. Also, more importantly, if the login confirmation is done via the GUI (and not a website), then the problem is gone (how can you fake a sugar dialog from a website?). The *correct* way to go, considering our lack of FQDN, is not DNS magic as I supposed, but tunneling it thru our jabber collaboration framework. Traversing NATs and all sort of stuff is what we have it for. Lets use it. Its an extension to jabber protocol, XEP-0070, still standards compliant, will send the login request to your client over the chat framework. Great suggestion Ben! If I missed other security cristicisms of OpenID that have some substance, let me know, perhaps I'll open regional OpenID foundation :-P -- Sebastian Silva Iniciativa FuenteLibre http://blog.sebastiansilva.com/ _______________________________________________ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar