Rowan Thorpe's Profile

Recent activity

A comment on the idea "OpenID Support" in Twitter:

there's a typo in one of those links: it should be http://certifi.ca rather than http://certif.ca – Rowan Thorpe, on October 23, 2009 13:37
Rowan Thorpe replied on September 29, 2009 12:37 to the idea "OpenID Support" in Twitter:

Of course twitter should use OpenID, like http://identi.ca does ;-)

To the people voicing concerns about OpenID's single-point-of-vulnerability and the issue of trusting one provider with a password to so many other services, check out the SSL-certificate based OpenID providers like http://certif.ca or http://myopenid.com (which both provide free-services).

They use your own browser's OpenSSL functionality to generate a public/private key-pair on your machine and the private key stays on your machine. They never even get it, so you know your private key is only in your hands and no-one else's (and it's way more secure than plain passwords, and can also be password-protected itself, and can remove the need to enter any password from your home-machine at all). Once your key-login works OK, you can even remove the normal password (but then *don't* lose your key!), or as a backup you can still keep the normal password access for when you are on someone else's computer.

Do you think this is one of the best points? Mark it as a good point