What is Digg?90 Comments
- freshyill, on 02/12/2008, -9/+39Please stop referring to companies by their stock symbol. It makes you look like a jackass.
- tritisan, on 02/12/2008, -2/+13no offense, but it's actually quite a big problem that needs to be addressed. And it's a lot more than a single sign-on solution. It's about who owns your identity and controls access to it. The next step in 'net evolution will involve the implementation of a "social layer", built right into the protocol on a deep level. If done correctly, this will mean far more online security, elimination of spam, no need to create a unique ID for every site, among other things.
But I'm not an expert on this subject. Check out Kaliya Hamlin, who's been tracking and advocating this concept for years: http://www.identitywoman.net - madk, on 02/12/2008, -18/+28Open ID is a great example of a solution to a problem that doesn't need fixed.
- alwaysmc2, on 02/12/2008, -4/+11How can you get more end-user friendly than typing in a username and password? Open ID makes you give a server in addition to a username and password. More over, if you have signed in with multiple IDs and have told it to remember the passwords, Live ID lets you just click on the one with which you want to sign in and it will.
I do like OpenID, but I feel the need to point out your flawed logic... - Drizzit, on 02/12/2008, -2/+9The problem with single sign on systems is that if you're id is compromised EVERYTHING is compromised.
- danqueca, on 02/12/2008, -3/+9This is the beggining, then they will introduce the Open ID chip, that can be attached to your body, and then well, you know the rest....
- mrsteveman1, on 02/12/2008, -4/+10Are they going to start linking all these separate identities together? As far as i can tell OpenID just means you can use one of your various IDs anywhere, but to do that yahoo has to know that your yahoo ID, your google ID, and your 20 other user names at various sites, are all linked to the same person.
In other words how does google know that my yahoo name is linked to MY google account? The usernames are different and I haven't told them anything - DAaaMan64, on 02/12/2008, -3/+9fixing*
That did need fixing. - zephc, on 02/12/2008, -2/+8The solution to multiple IDs/passwords is to have a secure *local* password manager, a la Apple's Keychain, not some globally-accessible database for all users.
- dorkslayer, on 02/12/2008, -1/+5Jesus wept. Do you really want to use the same profile for banking as for your Yahoo spam account? Or your Facebook account and your Amazon account? Now who's being stupid? There are aren't even half a dozen sites for which I care about securing my sign in information. Every other site I'll use the same trivial password (e.g. "password"), and if my account gets hacked I don't care -- I just create a new one.
- Otto, on 02/12/2008, -2/+6This is one of the main problems with OpenID. Everybody wants to be an OpenID provider. You have to decide which ID you want to use everywhere else. And most of these other providers don't provide you a way to hook your existing account to an ID from elsewhere, because they want you to use theirs.
Of course, if you have you own domain, then you simply use that as your only ID and there you go. You login everywhere with that. - agentVivid, on 02/12/2008, -1/+5::opts out::
- fkr3, on 02/12/2008, -0/+3Cloud? Ecosystem? It's a single sign on system....
- redxii, on 02/12/2008, -2/+5Microsoft?
Obviously they have some ulterior motive, guilty guilty guilty! - MaTT2011, on 02/12/2008, -6/+9Do not want
- dorkslayer, on 02/12/2008, -1/+4"links ad serving to the ... authentication provider"? I'm liking this less and less.
- inajeep, on 02/12/2008, -2/+5It's the same title that ars uses and they don't strike me as being a jackasses.
- tybris, on 02/12/2008, -0/+3Because facebook has some magical tool that makes DNS names a valid, trustworthy credential?
- dogstar0125, on 02/12/2008, -0/+3Nobody is going to be required to support this. But the sites that do support it may force users to use it. Like Microsoft did with Passport.
- dorkslayer, on 02/12/2008, -2/+5So now you're managing multiple OpenIDs? That's even worse.
- zephc, on 02/12/2008, -0/+2i have a laptop
- dlsspy, on 02/12/2008, -0/+2Is that different today on any site that allows for password recovery via email?
- TritonX, on 02/12/2008, -1/+3I use and recommend https://www.myopenid.com/
Anyone know of other OpenID providers? - hansonc, on 02/12/2008, -1/+3and if it's compromised it's probably your own fault for setting your password to "password"
- Otto, on 02/13/2008, -0/+2No, that's not how OpenID works at all.
Basically, OpenID is a single sign-on system. Say I use my OpenID on some site. That site looks at my ID and then talks to my OpenID Server to authenticate me. My OpenID server asks for my username and password or whatever, and then says "hey, this other site wants to know that you're you. Is that okay?" You say yes, and then the OpenID server passes back a "yes" to the original server, which then logs you in or whatever it does.
In other words, you only login to one place: Your OpenID server. Anybody who wants to verify that you are you asks that server to authenticate you. No private information is necessarily stored anywhere, this is just for having one login for every service you use, and only logging into one place.
Now, yes, your OpenID server does indeed hold all the keys. It's what says that you are you. But the protocol is well known and you can run your own on any webpage, if you like. Anybody can run an OpenID server, but they can't pretend to be you with them unless they can gain control of your unique URL (your webpage, basically). - docstout, on 02/12/2008, -0/+2Just have to make sure to implant the chip in the head. If not, a person could still cut off a body part to escape the government "24" style.
- HigherLogic, on 02/12/2008, -3/+5I don't have to remember my usernames or passwords anyways, Opera stores that for me and the wand magically fills it in :)
- mranderson86, on 02/12/2008, -0/+2I'm not religious at all but this makes sense when talking about OpenID and RealID: And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads: And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
Revelations 13; 16-17 - bowe, on 02/13/2008, -0/+2So if one guy gets your Openid password and login, he's got a way into your bank account, email, ceelphone, etc. Awesome! I'd rather frustrate my brain to remember a few logins, than have my entire identity stolen. It's just a bad idea. Open ID is one lock on your front door, whereas multiple passwords is like having a regular lock on your door, a deadbolt, and a safe inside. How long before the government passes a bill requiring the disclosure of citizens ID's in order to track them around the internet?
- cerejota, on 02/12/2008, -2/+4On the other hand, having to change your password only at one point of failure that automatically changes all your other passwords into unbreakable hashes means people will be more open to implement password best practices. Just because you can remember 20 passwords doesnt mean that normal people can...
- sputza, on 02/12/2008, -0/+2I just hope these companies can work together well and it doesn't turn into a pissing contest of power.
- tybris, on 02/12/2008, -2/+4The real problem is that it is so darn easy to compromise (through DNS or phishing).
- meruru, on 02/12/2008, -2/+4Except if your OpenID ever was stolen/hacked/whatever. If anyone got a hold of that then they'd have access to everything that accepts OpenID which would make it less safe.
- tybris, on 02/12/2008, -1/+3No one uses a hundred different logins for a hundred different sites. They all use the same login for a hundred different sites. ;-)
- Visarga, on 02/12/2008, -2/+4This is potentially very dangerous - kind of like issuing ID cards or unifying govt databases across multiple fields. Why should my Yahoo mails be associated to my Google searches and MSN chat logs?
BAD NEWS for all who value privacy! - hansonc, on 02/12/2008, -1/+3How's that work for you when you're away from your computer?
- jisatsusha, on 02/12/2008, -0/+1Livejournal supports it. It pretty much started there.
- hansonc, on 02/12/2008, -0/+1Livejournal.com
You can also run your own OpenID server on your own webpage so you can be known everywhere as TritonX@mydomain.com - davidwankenobi, on 02/12/2008, -0/+1OMG this is a stupid idea! Yes, let's give the hackers access to every single business, forum, email, banking, and personal account we own all in one nice, easy package. The REAL reason for this is to force you to identify yourself to use the Internet. This is nothing but another example of the erosion of our rights and invasion of our privacy.
- fkr3, on 02/12/2008, -1/+2They're well on their way though. If Ars can see a bandwagon they'll jump on it these days.
- alpinekarst, on 02/12/2008, -1/+2https://pip.verisignlabs.com/
- hansonc, on 02/12/2008, -0/+1it's not a single point of failure unless you consider Google.com, Yahoo.com, Hotmail.com, Livejournal.com mypersonaldomain.com etc as a "single point of failure"
- laut, on 02/12/2008, -0/+1Problem 1: remembering different usernames and passwords on different websites. Problem 2: If you are using the same password on multiple websites, one of those websites can obtain that password and use it to log in the other sites.
- secretmode, on 02/12/2008, -1/+2I need some privacy kthxbye
- jbond, on 02/13/2008, -0/+1OpenID might have more pressing priorities, however. There is a growing perception that not all parties are really taking OpenID seriously. TechCrunch complains, for instance, that only Google has become a "relying party" that allows third-party OpenIDs to access (some) of its services. It's one thing to say "hey, we love OpenID," but it's quite another to actually support it and allow users access to your services through OpenID.
From the OpenID site. "Today there are over a quarter of a billion OpenIDs and well over 10,000 websites to accept them." SO it's not all bad. But we do need more OpenID Consumer sites - Atomic1fire, on 02/12/2008, -0/+1actually Open-ID is improving
http://yahoo.com
as opposed to http://openid.aol.com/screename
you know your account is with yahoo
so remembering that isn't difficult
As more providers and consumers join and the longer Open-ID exists
the more it will improve
As with yahoo and directed Identity - Atomic1fire, on 02/12/2008, -0/+1with what
.mac?
I think we have a trust issue before you can implement OpenID into payed services - TritonX, on 02/12/2008, -0/+1but isn't there the problem of getting your server authenticated or trusted?
I thought of doing it, but that was a major concern for me. - dlsspy, on 02/12/2008, -0/+1No, it works pretty much out of the box. If you're worried about it, monitor your home page for changes.
-
Show 51 - 90 of 90 discussions
Browsing Digg on your phone just got easier with our enhancements to the 
© Digg Inc. 2009
— Content created and posted by Digg users is