[OpenID] About securing my OpenID
Evan Prodromou
evan at prodromou.name
Tue Jul 3 16:14:12 UTC 2007
On Tue, 2007-03-07 at 10:52 -0500, Alaric Dailey wrote:
>
> I think he is actually talking about cookie stealing, which is still
> possible. Besides, if the relying site falls for a spoof site, because the
> tool kit doesn't force SSL or because of poorly constructed login
> mechanisms, then fraudulent logons are still possible.
>
> Biting my tongue so I don't rant.
That's probably the wrong level of detail for this kind of confused
question.
-Evan
--
Evan Prodromou - evan at prodromou.name - http://evan.prodromou.name/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4422 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070703/54680633/attachment-0002.bin>
More information about the general
mailing list