[OpenID] The HTTPS in the OpenID (Re: Bug in OpenID RP implementations)
Peter Williams
pwilliams at rapattoni.com
Mon Jan 5 09:09:42 UTC 2009
> -----Original Message-----
> From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
> Behalf Of Eric Norman
> Sent: Sunday, January 04, 2009 11:43 PM
> As Eddy (and lots of others) said, there are almost certainly
> no certificates in the field that have been forged with this
> attack.
Eddy, did you really say that? "almost certainly no certificates...?"
If you know of a URL that disproves this, perhaps send it to Eric. I'd expect most people in the CA business to know it. Even the folks at cacert.org know it...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090105/39c70b25/attachment-0002.htm>
More information about the general
mailing list