[security] MyOpenID
gaz_sec at hushmail.com
gaz_sec at hushmail.com
Wed Mar 21 19:14:33 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
No in my opinion the provider is following the correct
implementation of OpenID so I think it is a problem with OpenID
itself. It can be easily solved but provides inconvenience to the
user of the OpenID service. I shall email the flaw once the
provider has got back to me with a fix.
On Wed, 21 Mar 2007 18:55:21 +0000 "Paul C. Bryan"
<email at pbryan.net> wrote:
>On Wed, 2007-03-21 at 18:51 +0000, gaz_sec at hushmail.com wrote:
>
>> I do have a working example that works in 1 browser at the
>moment but
>> I can't send it because it is currently being fixed by MyOpenID.
>When
>> I find out it has been fixed I shall send the example to the
>list.
>
>Presumably, then, this second case is a bug in a provider
>implementation, not the protocol.
>
>Paul
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
wpwEAQECAAYFAkYBg/QACgkQrR8fg3y/m1DD2AP/RK99u+piuJIZSeagnKa52/GOHfQz
8gpMXEbYyqdoEBXaTFZOf70PdlKXvHmTfQHj3r4RPu/kfL7PCne8pxYMUYKMqzZvNr1i
kysiLUxvpwqpSfL8+DUPVUaR7UcHNTgiZxUB3ODAEg8Id3Pv3balBKqq6QDd20PObzgx
oeObZs4=
=dOvu
-----END PGP SIGNATURE-----
--
Click for home mortgage, fast & free, no lender fee, approval today
http://tagline.hushmail.com/fc/CAaCXv1QbtYaYul5oRPJFR00oaubsEo0/
More information about the security
mailing list