=rabbit

My feedback

  1. 194 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    36 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    =rabbit commented  · 

    It's a demo OpenID. You could easily deny access to other websites. The user could be instructed that the OpenID is for demo purposes only and can only work at demo1.com, demo2.com, etc. You also wouldn't have to delete the account. If the user tries to login to another site, the user would be halted with a "Hey! This is only a demo but you're getting the idea!" sort of message.

    =rabbit supported this idea  · 
  2. 310 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    97 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →

    That’s a great idea. It’s certainly something that OPs and RPs should take into consideration.

    There is currently some conversations going on about an OpenID Security Best Practices document; while the spec shouldn’t mandate SSL, it certainly should present the case for supporting it, ideally in a best practices doc.

    =rabbit supported this idea  · 

Feedback and Knowledge Base