Fwd: Re: [WEB SECURITY] (Yadis) yet another distributed identity system

Chris Hammond-Thrasher chris.hammond-thrasher at hushmail.com
Fri May 20 12:04:32 EDT 2005


Thank you for bringing this to the attention of the list. Another 
example for the Ajax and security thread that I just stumbled 
across is Richard Jones' Gmail S/MIME Firefox extension (version 
0.1.1) available at http://www.richard.jones.name/google-


On Fri, 20 May 2005 07:56:39 -0700 Jeremiah Grossman 
<jeremiah at whitehatsec.com> wrote:
>OpenID (http://www.danga.com/openid/), developed by the creators 
>LiveJournal, is another attempt at a single sign-on system. The 
>is similar TypeKey and Password, but focused more towards blogs 
>promises to actually be "distributed".
>"An OpenID-enabled site/blog lets you authenticate using your 
>login from your homesite (whether that's on your own server or a 
>service) without giving away your password to the 3rd-party site 
>visiting, or making a new account there, or giving away your email 
>address. And it's secure, and can run entirely in the browser 
>extensions, without moving between pages."
>The overview mentions the possible use of SAML, which might be of 
>interest to the conversation of about placing XML services in Ajax 
>There is also a demo available using Ajax:
>and detailed system specifications:
>The Web Security Mailing List
>The Web Security Mailing List Archives

The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list