[OpenID] Fwd: OpenID Spoofing

Dmitry Shechtman damnian at gmail.com
Fri Jan 12 21:28:34 UTC 2007

Paul Madsen wrote:
> The user would see a nicely 'sealed' email

In order to get that seal, the phisher would have to either proxy either the
whole registration process or the email exchange.


More information about the general mailing list