Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Friday, August 24, 2007

OpenID and its Security, Privacy and Trust Issues: Next Steps to Address Them?

I agree with the comments made by Jeff (in a recent post called “Compendium of OpenID Issues”) about current OpenID limitations. I’ve also found the analysis made by Stefan Brands in his post about current OpenID issues very educational and comprehensive.

Of course, I believe that OpenID provides value, but I also see some key limitations and related threats (in terms of privacy, security and trust) when considering them from (1) an end-user perspective and (2) the perspective of potential future adoption of OpenID in enterprise contexts, if “valuable” transactions and/or assets are involved.

Kim Cameron’s post, called “Integrating OpenID with InfoCard”, suggests an interesting approach to mitigating some of these issues (in particular identity phishing) by leveraging InfoCard/CardSpace. I’ve also found on the web other people’s suggestions and ideas on how to solve other specific issues.

However, in general, what is the OpenID community’s reaction to these issues and criticisms? Are there any sites or documents tracking these issues and describing how the OpenID community intends to address them, along with plans and roadmaps?
