[Python-Dev] Offtopic: OpenID Providers
jcea at jcea.es
Mon Sep 9 17:11:21 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 06/09/13 21:34, R. David Murray wrote:
> Note that I said that single signon *itself* was overrated. If you
> use the same token to authenticate to multiple sites (and here the
> 'token' is the email address) then your identities on those sites
> are ipso facto associated with each other. *If* that email address
> is also never leaked (never displayed, even to other signed on
> users, all communication with the site encrypted), then you only
> have to worry if the sites exchange information about their
> accounts, or if the government comes knocking on their doors....
> Yes, I'm paranoid. That doesn't mean they aren't listening.
Being paranoid is good. Fix for this is actually trivial: Use
different emails for different "personalities".
If you are doing things you really NEED to hide, virtual machines and
TOR is the way to go.
Jesús Cea Avión _/_/ _/_/_/ _/_/_/
jcea at jcea.es - http://www.jcea.es/ _/_/ _/_/ _/_/ _/_/ _/_/
Twitter: @jcea _/_/ _/_/ _/_/_/_/_/
jabber / xmpp:jcea at jabber.org _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the Python-Dev