OpenID security
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Wed Oct 25 00:18:48 UTC 2006
Hans Granqvist wrote:
> Depends on what people on the list want. How about you?
A. It's not complete
B. It has a geeky approach (which is really OK), but I'd prefer a clear
cut model of security defined, i.e. only options which define certain
levels, but not unsecured ones
As in a previous mail on the list just was pointed out, if you give the
option to have unsecured parts (and depending on the default), then the
secured option will be less taken. I wasn't really sure also, who
defines the options: the IDP or the RP? If only the IDP decides on that,
then this might be OK, since the IDP can advertise, that he is running
only in secure mode...making others less attractive....
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20061025/9d0d2385/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eddy_nigg.vcf
Type: text/x-vcard
Size: 636 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20061025/9d0d2385/attachment-0002.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7282 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20061025/9d0d2385/attachment-0002.bin>
More information about the general
mailing list