[security] Who bears the risk..
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Fri Oct 27 02:42:35 UTC 2006
Sorry, the sentence below should have been: "almost required SSL
security requirement *for IDP's*" and not as stated...
Eddy Nigg (StartCom Ltd.) wrote:
> Yes and no....But Pete answered most of the question, of which the
> answer I actually knew before...Somehow LiveJournal's (bad)
> implementation as an RP disturbed my thinking...
>
> I think, after having an almost required SSL security requirement for
> RP's (which I hope we can improve and limit to LAN's and networks out
> of the scope of public Internet for not being required), there is only
> the IDP's implementation of the login facility left...For this I'll
> make another example perhaps tomorrow...We are going now baby steps... ;-)
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061027/6b04c17b/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eddy_nigg.vcf
Type: text/x-vcard
Size: 636 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061027/6b04c17b/attachment-0002.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7282 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-security/attachments/20061027/6b04c17b/attachment-0002.bin>
More information about the security
mailing list