please reduce the four registrations on the single winehq.org site.
Dan Kegel
dank at kegel.com
Tue Jul 21 06:54:02 CDT 2009
Steven Edwards wrote:
> Based upon my recollection there was a lot of contempt for OpenID at
> the last wineconf. Maybe the situation has changed recently...
For those new to the story, OpenID is incredibly insecure. See for example
http://marcoslot.net/apps/openid/
http://www.gnucitizen.org/blog/hijacking-openid-enabled-accounts/
http://www.techafina.com/posts/openid-benefits-and-risks/
http://kuza55.blogspot.com/2007/01/insecure-openid-features.html
Moreover, it's hard to use, as shown by usability testing at Yahoo:
http://www.betanews.com/article/Yahoo-usability-tests-bode-ill-for-OpenID-takeup/1224102932
In short: if you care about your data or your identity, stay far away
from OpenID.
Now, if you absolutely must use OpenID, there are people working on
making it more secure. For instance, Google is giving it a shot; see
http://google-code-updates.blogspot.com/2009/05/google-openid-api-taking-next-steps.html
But I doubt the wine community wants to go there.
Better to implement a plain old shared password database between
our four services.
- Dan
More information about the wine-devel
mailing list