[security] Who bears the risk..
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Thu Oct 26 18:00:28 UTC 2006
Daniel E. Renfer wrote:
> On a somewhat related note, if a site uses Passport for their login
> system, and Microsoft's servers become compromised, who is liable?
Most interesting question! My guess is, that in this case, this would be
Microsoft, which has an insurance for such cases (except cash by their
own), to cover any negligence from their side. Considering that you took
Microsoft as an example, than I suspect, that a license agreement of the
service moves everything to the user ;-). So courts may have sometimes
another opinion about this...but the most important thing is in this
specific example is perhaps, that there is liability and it has to be
covered in one way or the other. Understanding this, is already a step
forward...
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061026/afd62400/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eddy_nigg.vcf
Type: text/x-vcard
Size: 636 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061026/afd62400/attachment-0002.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7282 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061026/afd62400/attachment-0002.bin>
More information about the security
mailing list