Improving the Usability and Security of OpenID
OpenID is gaining popularity as an Internet identity system. Nonetheless, it is widely recognized that both usability and security issues are limiting the adoption and applicability of OpenID as it exists today; both kinds of issues can be improved by the introduction of an active client for OpenID. In this session we describe a community collaboration to explore these issues through working code. We demonstrate an experimental multi-protocol version of Windows CardSpace that enables end-users to bring their OpenIDs with them to sites, while mitigating phishing attacks, including its use at production OpenID sites.