

Hijacking Open ID-Enabled Accounts - dpapathanasiou
http://www.gnucitizen.org/blog/hijacking-openid-enabled-accounts/

======
tlrobinson
This isn't a flaw in the protocol, but rather the user management features of
one particular implementation.

