Discuss mailing list

[Alex Hanselka <alex AT opennicproject.org>]

On 9/6/12 8:54 AM, Brian Koontz wrote:
> On Thu, Sep 06, 2012 at 09:32:08AM +0100, Simon wrote:
>> In my opinion there is an advantage to staying completely separate from
>> mechanisms that the big players use, particularly when considered in the
>> context of freedom from potential pressure or abuse of this system by
>> the powers that be as another mechanism to try and exert censorship or
>> control.
> I think a good middle ground (suggested elsewhere) would be to
> introduce OpenID as an option.  Use it or ignore it, your choice.
> Although to be truthful, why can't there be a system that simply uses
> my PUBLIC KEY that's already on the keyserves for authentication
> purposes?  
>
> This part of OpenID has always bothered me:
>
>     >>Other than your provider, no website ever sees your password
>
> Why must this be?  Why can't someone come up with a system that does
> not require any password other than your passphrase for your secret
> key?
>
>   --Brian
>
>
The answer, I think, is because people are lazy and such. I welcome you
to invent such a system for OpenNIC, I think that would be amazing! The
only similar thing is cert based auth and only like 3 websites seem to
do it hah!