Certificated OpenID

March 5, 2007 in OpenID by Carsten Pötter | View Comments

Thomas Huhn of Social Media Blog and OpenID Directory has posted a review of certifi.ca which is another OpenID provider. Though certifi.ca is quite different to other providers.

Users don’t log in by providing a password rather by a browser based certificate. This is an interesting approach to fight phishing as scammers obviously can’t steal users’ passwords. The service works with VeriSign certificates as well as with free certificates from Thawte which I use. You can use certifi.ca with your existing OpenID; if you don’t have one yet, you can get one from certifi.ca.

I could test it just once, though. I have updated Firefox to version 2.0.0.2 later on and this version seems to have problems providing the certificate when more than one certificate is available for the website. Well, I have two certificates from Thawte. So it probably won’t work until the next version of Firefox. Well, at least I think that’s the problem at the moment (see Mozilla Links).

Though check it out. I think this is a very interesting approach to OpenID. A similar service seems to be prooveme.com which I have not tested.

Update (March 8): Ah, certifi.ca is working again for me. Great! :) I have not changed anything on my part, so either Evan and certifi.ca have changed things or something unknown and mysterious has caused it.

Tags:

  • Carsten Pötter
    Nic, I have tried the option on the "advanced" tab but to no avail. I have even exported one certificate so that I've had just one. However no success.

    Evan, it seems I need your help now. Sorry. It is recognised that I have a Thawte certificate so that I could register.
  • Hey, Carsten. You shouldn't have this problem -- let me know if you see it happen again.

    As a side note, certifi.ca now supports certs from GeoTrust, TC TrustCenter, StartCom, and CACert. I hope to get all the major client-side cert providers, but I'm testing them one at a time.
  • Firefox 2 has an option on the "advanced" tab of the preferences editor to ask you which certificate to present to a site. If you have multiple certificates that lets you pick which one you should use.

    With either certifi.ca or prooveme.com you should probably use just one certificate for an OpenID provider so it's easy to remember which one you're using when you OpenID authenticate.
blog comments powered by Disqus