OpenID Auth 2.0 security considerations

Recordon, David drecordon at verisign.com
Tue Jan 30 20:02:02 UTC 2007


Is there a wiki page that exists to point to? Josh and Johnny, see any
issues with this?

Also any wording to propose Johannes?

Thanks,
--David

-----Original Message-----
From: Johannes Ernst [mailto:jernst+openid.net at netmesh.us] 
Sent: Tuesday, January 23, 2007 12:57 PM
To: Recordon, David
Cc: specs at openid.net
Subject: Re: OpenID Auth 2.0 security considerations

Given where we are in time, I would suggest to make the smallest amount
of changes possible to the document, i.e. leave everything as is, just
add this one link.


On Jan 23, 2007, at 11:59, Recordon, David wrote:

> I don't see a problem with that.
>
> Would you propose the majority of the security considerations section 
> in the current draft be moved to the wiki?  What would be the balance 
> between spec and wiki page?
>
> --David
>
> -----Original Message-----
> From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On 
> Behalf Of Johannes Ernst
> Sent: Monday, January 22, 2007 12:15 PM
> To: specs at openid.net
> Subject: OpenID Auth 2.0 security considerations
>
> What about a non-normative link from the spec to a place on the wiki 
> where we can collect security considerations for it, and update those 
> in real-time as discussions such as the phishing one progress.
>
>
>
> _______________________________________________
> specs mailing list
> specs at openid.net
> http://openid.net/mailman/listinfo/specs




More information about the specs mailing list