Comments on: Quick thoughts on XAuth http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/ Tangled musings on identity, privacy, trust, and suchlike Sat, 08 Oct 2011 19:31:02 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Latrent http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/comment-page-1/#comment-279544 Latrent Sun, 02 May 2010 00:13:28 +0000 http://www.xmlgrrl.com/blog/?p=2248#comment-279544 Instead of disabling it in every browser, edit your OS's equivalent of the /etc/hosts file and assign it the localhost address. 127.0.0.1 xauth.org After a reboot, no browser or application will be able to contact xauth.org for any reason. It might even bring up your local web server if you're running it. (I'm not so I'm not sure.) Instead of disabling it in every browser, edit your OS’s equivalent of the /etc/hosts file and assign it the localhost address.

127.0.0.1 xauth.org

After a reboot, no browser or application will be able to contact xauth.org for any reason. It might even bring up your local web server if you’re running it. (I’m not so I’m not sure.)

]]> By: Jean Kaplansky http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/comment-page-1/#comment-279017 Jean Kaplansky Wed, 28 Apr 2010 17:00:42 +0000 http://www.xmlgrrl.com/blog/?p=2248#comment-279017 Win XP SP3: Google Chrome - successfully disabled Firefox 3.6.x - successfully disabled MS IE 7.0 - I got nuthin. No response from the disable button in any way shape or form. iPad Safari - Success (which is not what I expected since it's not supported on iphone Safari at all...) Mac OSX 10.5.8 Google Chrome - successfully disabled Firefox 3.6.x - successfully disabled Camino (one version back from current?) - nuthin. no response whatsoever Win XP SP3:

Google Chrome – successfully disabled
Firefox 3.6.x – successfully disabled
MS IE 7.0 – I got nuthin. No response from the disable button in any way shape or form.

iPad Safari – Success (which is not what I expected since it’s not supported on iphone Safari at all…)

Mac OSX 10.5.8

Google Chrome – successfully disabled
Firefox 3.6.x – successfully disabled
Camino (one version back from current?) – nuthin. no response whatsoever

]]> By: Liz Fraley http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/comment-page-1/#comment-278196 Liz Fraley Thu, 22 Apr 2010 12:56:25 +0000 http://www.xmlgrrl.com/blog/?p=2248#comment-278196 Camino/MacOSX also failed to disable. iPhone/Safari reported "xauth is unsupported". Interesting, but it likely won't last...and I'll have to remember to check later (never good). Camino/MacOSX also failed to disable. iPhone/Safari reported “xauth is unsupported”. Interesting, but it likely won’t last…and I’ll have to remember to check later (never good).

]]> By: Eve http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/comment-page-1/#comment-278045 Eve Wed, 21 Apr 2010 16:54:08 +0000 http://www.xmlgrrl.com/blog/?p=2248#comment-278045 Yeah, I've been discovering the limitations of disabling all morning. Sigh. Yeah, I’ve been discovering the limitations of disabling all morning. Sigh.

]]> By: Pamela Dingle http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/comment-page-1/#comment-278043 Pamela Dingle Wed, 21 Apr 2010 16:45:57 +0000 http://www.xmlgrrl.com/blog/?p=2248#comment-278043 The Disable functionality is a joke. I'd have to disable it in 30 places, just to cover the devices and browsers I use a minimum of once a week. And how permanent is it anyway? The only acceptable way I see for this to happen is if I can opt-out at the identity provider such that they do not publish the XAUTH javascript on pages that I load in the first place, and therefore no extend call is made on any browser. I still have to opt out at every identity provider, but at least it's a persistent, meaningful setting at that point. The Disable functionality is a joke. I’d have to disable it in 30 places, just to cover the devices and browsers I use a minimum of once a week. And how permanent is it anyway?

The only acceptable way I see for this to happen is if I can opt-out at the identity provider such that they do not publish the XAUTH javascript on pages that I load in the first place, and therefore no extend call is made on any browser. I still have to opt out at every identity provider, but at least it’s a persistent, meaningful setting at that point.

]]> By: Robin Wilton http://www.xmlgrrl.com/blog/2010/04/21/quick-thoughts-on-xauth/comment-page-1/#comment-278034 Robin Wilton Wed, 21 Apr 2010 15:22:44 +0000 http://www.xmlgrrl.com/blog/?p=2248#comment-278034 Ah - so XAuth is just a "Circle", then... ;^( Interesting. For me, the "Disable" button works in Firefox/Ubuntu, but not in Firefox/Windows. Ah – so XAuth is just a “Circle”, then… ;^(

Interesting. For me, the “Disable” button works in Firefox/Ubuntu, but not in Firefox/Windows.

]]>