[OpenID] Yahoo hijacking?

SitG Admin sysadmin at shadowsinthegarden.com
Sat Apr 19 01:55:12 UTC 2008


>This realm discovery feature was added  to patch a security hole in 
>OpenID 1.1, and is one of the main reasons why Yahoo does not 
>support OpenID 1. More details here:
>
>http://openid.net/pipermail/security/2007-February/000241.html

Is this feature exclusive to Yahoo, or is it part of the 2.0 specs?

-Shade



More information about the general mailing list