[security] 2 possible flaws
gaz_sec at hushmail.com
gaz_sec at hushmail.com
Tue Apr 17 09:26:20 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all
I have been thinking about 2 possible flaws with OpenID providers,
I haven't had time to test any of them however because I've started
work on another project.
Now they might not even exist or they could possibly create huge
flaws in every provider worse case. I would like someone to test my
theories and see if the holes are possible to exploit.
What do you think it the best policy here? Do you think it is safe
for me to publically dicuss this?
Cheers
Gareth
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
wpwEAQECAAYFAkYkkkMACgkQrR8fg3y/m1CtSgP/Rn/9x6Syj2+h4Cig9Q7xckz10H2m
MwGyZ1CDMrFlQjR0tAeLA2PVspbm+FsxsJawd5xwDFye3r4dUo4FBHew+1DFpeENXkK9
R+hzov+nWtDsyWD/KkGMNnJKhtk7Olg2I8A3I7wJk0W60L0FYJcPrkUoInHrk3vFl25z
SIY13Iw=
=gJCA
-----END PGP SIGNATURE-----
--
Click for dental plans with huge savings, top service and coverage
http://tagline.hushmail.com/fc/CAaCXv1KbKwI3IpjFWyPg3WhkB9IL5tz/
More information about the security
mailing list