]> http://www.kai-mai.com/tags/openid Nodes containing the tag openid en http://www.kai-mai.com/node/123 <p> Slowly, more and more sites have supported login using <a href="http://en.wikipedia.org/wiki/OpenID">OpenID</a>. </p> <p> The selling point of OpenID is that you can use one login to access varies sites. This is very convenient. But I am worried about losing the same passwords for all the OpenID supported sites I access. There are so many <a href="http://en.wikipedia.org/wiki/Phishing">phishing</a> activities going on to steal passwords. I need something that's not password-based. </p> <p> I came across <a href="https://certifi.ca">Certifi.ca</a> which is a password-less OpenID provider using SSL certificate for <a href="http://en.wikipedia.org/wiki/Public-key_cryptography)">public key-based</a> authentication. The basic idea is that you store your public SSL certificate(public key) and the private key in your browser. Certifi.ca identifies you by your public key, and uses your public key to encrypt communication between your browser and itself. Your browser with the private key is the only one that can decrypt the communication. There's no password needed! </p> <p class="awTags_TagLinks">Tags: <a href="tags/192">ssl</a> <a href="tags/193">certificate</a> <a href="tags/194">public</a> <a href="tags/195">key</a> <a href="tags/196">openid</a> <a href="tags/197">provider</a> <a href="tags/198">certifi.ca</a> <a href="tags/200">cacert.org</a> </p> ssl certificate public key openid provider certifi.ca cacert.org Tue, 25 Dec 2007 17:21:36 -0800