As I've said before, I think launchpad as an openid provider would be helpful for use by relatively low-risk sites like bug trackers and loco team web sites.
But note the many associated security and privacy risks, as documented at
by Stefan Brands in "The problem(s) with OpenID" http://www.idcorner.org/?p=161
Launchpad should test and document ways to lessen the risks of phishing and of cross-site scripting attacks and note the privacy issues. And I don't see much benefit in having launchpad accept openids from other providers since the security exposure can be pretty big.
And launchpad may also want to consider being a provider for much more secure systems like InfoCard for riskier scenarios
As I've said before, I think launchpad as an openid provider would be helpful for use by relatively low-risk sites like bug trackers and loco team web sites.
But note the many associated security and privacy risks, as documented at www.idcorner. org/?p= 161
by Stefan Brands in "The problem(s) with OpenID"
http://
Launchpad should test and document ways to lessen the risks of phishing and of cross-site scripting attacks and note the privacy issues. And I don't see much benefit in having launchpad accept openids from other providers since the security exposure can be pretty big.
And launchpad may also want to consider being a provider for much more secure systems like InfoCard for riskier scenarios
http:// www.identityblo g.com/
Also, see a proposal for Ubuntu supporting the client side of InfoCard at /wiki.ubuntu. com/IdentitySel ector
https:/