[Owasp-board] openid extension on owasp.org?

Jeff Williams jeff.williams at owasp.org
Mon Jan 28 05:02:10 UTC 2008

OpenID is getting pretty popular with a number of providers accepting them.
It's not perfect, but it helps get away from so much username/password
authentication. The question is whether or not investing in this helps us
achieve our mission.


I want to be pretty careful about new technologies.  OWASP wasted 2 years
while trying to develop its own secure content portal.  Once we moved to
mediawiki, we've been growing steadily.  The problem isn't getting it in
place initially, it's what happens over time as we have to maintain this
kind of thing.


At this point, even though I think OpenID is a good application security
thing, I gotta vote no.




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Dave Wichers
Sent: Sunday, January 27, 2008 7:12 PM
To: 'Sebastien Deleersnyder'; 'OWASP Foundation Board List'
Subject: Re: [Owasp-board] openid extension on owasp.org?


I don't know enough about this to comment on it one way or the other. Are
these becoming popular and how do they work?




From: owasp-board-bounces at lists.owasp.org
[mailto:owasp-board-bounces at lists.owasp.org] On Behalf Of Sebastien
Sent: Sunday, January 27, 2008 6:26 AM
To: 'OWASP Foundation Board List'
Subject: [Owasp-board] openid extension on owasp.org?




How about adding an OpenId extension to www.owasp.org
<http://www.owasp.org/>  ?






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20080128/d9dc8039/attachment-0002.html>

More information about the Owasp-board mailing list