Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: OpenID. The future of authentication on the web?
From: fabio <ctrlaltca () libero it>
Date: Sun, 23 Mar 2008 17:36:10 +0100

There're more complications: who owns/controls the service can track 
down your movements between different webplaces, profiling your common 
habits/preferences. How long before banners will follow your navigation 
trough different websites where you use the same identity token?

CtrlAltCa

Paul Schmehl wrote:

In general, I am opposed to anything that encourages people to use the same 
id and password across multiple domains.  The potential for complete 
compromise of everything you have/own/are is too great.

Paul Schmehl (pauls () utdallas edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]