Standards / Protocols:
- SREG is not supported yet
- Only OpenID 2.0 support, not OpenID 1.1
Login:
- Yahoo! ID -> username and password
Security / Phishing:
- SSL secured transfers
- Sign-in seal (a personal image)
- Relying parties with just an IP in the URL are not allowed
- Only ports 80 and 443 are allowed
- Warning to users if the relying party’s realm cannot be verified
- Blacklist of relying parties that misbehave
Miscellaneous / Future
- Flickr photostream also works as an OpenID
- Profile pages will be added
- Use of a form of Directed Identity: an auto-generated URL which is used for all relying parties, but users just have to type yahoo.com
- No multiple personas
- No support for microformats yet (except when Flickr is used as an OpenID)
- Supported by ID Selector
- Support for different languages; can also be specified by the relying party