fnokd!

In a thread on TheServerSide, commentors are discussing how much trust you can put into an OpenID identity. Even the OpenID literature speaks of a server that returns true to all queries. The argument seems to be that since you don’t control the OpenID server, you can’t trust the identity returned, making it [...]