[security] OpenID Security Best Practices Doc
Allen Tom
atom at yahoo-inc.com
Mon Jun 8 21:03:47 UTC 2009
Hi All,
As part of the OpenID 2.1 Working Group proposal, I've been nominated to
edit the OpenID Security Best Practices document, which will be a living
document that contains security related best practices as determined by
the community.
Although we haven't officially kicked off the OpenID 2.1 WG yet, OpenID
has been gaining a lot of momentum and interest lately, so it's
definitely time to start writing it.
Here's a very rough draft that captures many security related
discussions that we've had on the OpenID mailing lists and also at
meetups like the Internet Identity Workshop.
http://wiki.openid.net/OpenID-Security-Best-Practices
Feedback and suggestions are more than welcome. As mentioned, this is
intended to be a living document, so we fully expect the document to
continue to evolve over time.
Thanks
Allen
More information about the security
mailing list