On Dec 4, 2008, at 4:59 PM, Sebastian Silva wrote: > I looked this up. Actually, his only argument that I could find it > suposedly makes phishing easier. I must really disagree.
Can we please not duke out the issues with OpenID on this particular list? Go argue with Kim Cameron at <http://idcorner.org/2007/08/22/the-problems-with-openid/ > or something. I originally envisioned a potential use for OpenID within the XO security model in minimizing the number of passwords that needed to be remembered by the kids. I was thinking of strong, automatic OOB authentication to the IdP on the XS as a slightly lesser evil than a browser plugin storing the passwords, as the latter is potentially harder to back up, restore, etc. But I've come around since then -- an XS IdP will probably mean people expect to be able to use their OpenID from anywhere, including e.g. internet cafe machines that are not their XOs, in which case the strong OOB authentication to the IdP would be absent, thus we're back down to a password, thus we go down the rabbit hole of stupidity that I was trying to avoid in the first place. For authenticating the XO to just the XS, OpenID seems downright idiotic, and I'm actually in disbelief about hearing genuine suggestions for OpenID over Jabber. Or, in fact, anything else over Jabber. For those just tuning in, the whole story of Jabber on the XO has basically been colorfully fucked, as has that of the entire collaboration stack. I suggest further proposals of actually using Jabber for anything wait until the basic XO implementation gets to the point where IRC was 20 years ago -- namely, working. -- Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org _______________________________________________ Sugar mailing list Sugar@lists.laptop.org http://lists.laptop.org/listinfo/sugar