No subject
Thu Jan 4 20:49:25 UTC 2007
"It is RECOMMENDED Identity Provider's protect their End Users from
requests for things like http://*.com/ or http://*.co.uk/."
Is there a list of such domains? Of course, one can take the list of
TLDs and ccTLDs, but as the *.co.uk example shows, there may be other
domains which should be considered too general to trust.
Thanks
AGL
--
Adam Langley agl at imperialviolet.org
http://www.imperialviolet.org 650-283-9641
More information about the specs
mailing list