[OpenID] Yahoo issue
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Mon Feb 4 16:53:17 UTC 2008
Hans Granqvist wrote:
> Interestingly, the spec does not mandate implementation of
> any algorithm. Should it? (For comparison, TLS mandates
> algorithms for spec compliance: RFC 4346 section 9.)
>
> Also: should there be a way to extend the set of OpenID
> associations and authentication algorithms? (TLS has a
> mechanism for adding new algorithms, see for example
> RFC 2712)
>
I would say both time yes? Any specific reason why not?
--
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
> Hans
>
>
> On 2/3/08, Allen Tom <atom at yahoo-inc.com> wrote:
>
>> Hi Shane,
>>
>> The Yahoo OP does not support HMAC-SHA256 nor DH-SHA256, and thanks for
>> pointing out that our error response is not correct. We'll fix this soon.
>>
>> Thanks
>> Allen
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080204/5aeed26e/attachment-0002.htm>
More information about the general
mailing list