An error occurred while saving the commentchris24 commented
Yahoo's OpenID implementation ( http://developer.yahoo.net/blog/archives/2009/09/yahoo_openid_hybrid.html ) certainly is interesting. I wonder if something like that could be standardized some way…
That’s a great idea. It’s certainly something that OPs and RPs should take into consideration.
There is currently some conversations going on about an OpenID Security Best Practices document; while the spec shouldn’t mandate SSL, it certainly should present the case for supporting it, ideally in a best practices doc.
This is a fair criticism and something that we want to address as we continue to make improvements to our newly relaunched website. It has a long way to go still, and this kind of feedback is very helpful in directing our attention. Thanks — and sorry to hear about your frustration.
An error occurred while saving the comment