Skip to content

Ideas

We want your OpenID Ideas! Think you’ve come up with a way to improve OpenID? Recognize a good idea when you see one? We want to hear from you!

My idea is ...

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

1 result found

  1. Encourage OpenID supported websites to have SSL option

    Alot of websites that support OpenID do not use SSL (https://), instead they only have the unsecured http://. My idea is, work with the existing and also new OpenID supported websites and encourage them to setup an https:// version of their website. For example, facebook's url could be https://www.facebook.com. The websites don't have to use https as their default url because SSL is a bit slower. But by having an SSL option it will mean OpenID users will have their info encrypted and it lowers the security risks with OpenID.

    310 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    161 comments  ·  Flag idea as inappropriate…  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    under review  ·  AdminChris Messina (Admin, OpenID) responded

    That’s a great idea. It’s certainly something that OPs and RPs should take into consideration.

    There is currently some conversations going on about an OpenID Security Best Practices document; while the spec shouldn’t mandate SSL, it certainly should present the case for supporting it, ideally in a best practices doc.

  • Don't see your idea?

Ideas

Categories

Feedback and Knowledge Base

(thinking…)