[SPAM]Re: security
Gabe Wachob
gabe.wachob at amsoft.net
Mon Oct 23 19:01:15 UTC 2006
>
> OpenID covers the low to medium-high range of the security
> spectrum. If you want the high-end range, you should look
> elsewhere, as OpenID's dependencies prevent it from reaching
> that level!
Actually, I think there's no reason the base auth 2.0 specification can't be
the basis for "high-end" - its just that there's clearly more needed. I've
always believed that the "high-end" stuff can be layered on, in the form of
operational requirements and extension elements.
This won't happen in the very short term, so Hans' admonition stands if you
are looking for a solution in the short term (ie less than 6 months at
least).
-Gabe
More information about the general
mailing list