27 messages in net.openid.general[OpenID] An OpenID "mobile" Hint?
FromSent OnAttachments
David RecordonJun 4, 2008 2:08 pm 
Hans GranqvistJun 4, 2008 2:34 pm 
David RecordonJun 4, 2008 4:50 pm 
Johannes ErnstJun 4, 2008 9:49 pm 
Nat SakimuraJun 4, 2008 11:51 pm 
Martin AtkinsJun 5, 2008 12:02 am 
Kick WillemseJun 5, 2008 3:49 am 
Steven Livingstone-PerezJun 5, 2008 4:06 am 
SitG AdminJun 5, 2008 8:31 am 
Johannes ErnstJun 5, 2008 9:15 am.gif, .gif
David RecordonJun 5, 2008 9:50 am 
David RecordonJun 5, 2008 9:51 am 
Martin AtkinsJun 5, 2008 10:35 am 
SitG AdminJun 5, 2008 12:42 pm 
Martin AtkinsJun 5, 2008 1:34 pm 
SitG AdminJun 5, 2008 3:58 pm 
Nat SakimuraJun 5, 2008 6:59 pm 
Nat SakimuraJun 5, 2008 7:06 pm 
Nat SakimuraJun 5, 2008 8:36 pm 
Martin AtkinsJun 6, 2008 12:06 am 
Johannes ErnstJun 6, 2008 3:08 pm 
Warren JamisonJun 6, 2008 6:05 pm 
Carsten PötterJun 6, 2008 8:47 pm 
Brandon RamirezJun 7, 2008 10:28 am 
Brandon RamirezJun 7, 2008 10:33 am 
SitG AdminJun 7, 2008 9:22 pm 
Tan, WilliamJun 16, 2008 10:57 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:[OpenID] An OpenID "mobile" Hint?Actions...
From:Johannes Ernst (jern@netmesh.us)
Date:Jun 6, 2008 3:08:56 pm
List:net.openid.general

Yes -- as always if you list multiple OPs in the same XRDS file.

In this case, the only alternative seems to be "does not work" (i.e. user cannot log on from the mobile phone)

Or am I not understanding you?

On 2008/06/05, at 18:07, Josh Hoyt wrote:

On Thu, Jun 5, 2008 at 9:16 AM, Johannes Ernst <jernst+openid.net at netmesh.us> wrote:

The scenario is that I have a preferred OP on the PC-class device that I like because, say, it has a hardware device attached to it for security purposes.

Now I'd like to log on, with the same identifier, from my iPhone that does not have the same hardware device attached: I will be redirected to the OP that then cannot authenticate me.

Doesn't this severely compromise the security provided by the hardware device unless a similarly strong measure can be used on the phone?

Josh