OpenID Auth 2.0 security considerations
Johnny Bufu
johnny at sxip.com
Tue Jan 30 21:35:12 UTC 2007
David,
No issues from me - I too believe a non-normative link to a wiki site
would work best, while keeping the security consideration section we
have now.
Thanks,
Johnny
On 30-Jan-07, at 12:02 PM, Recordon, David wrote:
> Is there a wiki page that exists to point to? Josh and Johnny, see any
> issues with this?
>
> Also any wording to propose Johannes?
>
> Thanks,
> --David
>
> -----Original Message-----
> From: Johannes Ernst [mailto:jernst+openid.net at netmesh.us]
> Sent: Tuesday, January 23, 2007 12:57 PM
> To: Recordon, David
> Cc: specs at openid.net
> Subject: Re: OpenID Auth 2.0 security considerations
>
> Given where we are in time, I would suggest to make the smallest
> amount
> of changes possible to the document, i.e. leave everything as is, just
> add this one link.
>
>
> On Jan 23, 2007, at 11:59, Recordon, David wrote:
>
>> I don't see a problem with that.
>>
>> Would you propose the majority of the security considerations section
>> in the current draft be moved to the wiki? What would be the balance
>> between spec and wiki page?
>>
>> --David
>>
>> -----Original Message-----
>> From: specs-bounces at openid.net [mailto:specs-bounces at openid.net] On
>> Behalf Of Johannes Ernst
>> Sent: Monday, January 22, 2007 12:15 PM
>> To: specs at openid.net
>> Subject: OpenID Auth 2.0 security considerations
>>
>> What about a non-normative link from the spec to a place on the wiki
>> where we can collect security considerations for it, and update those
>> in real-time as discussions such as the phishing one progress.
>>
>>
>>
>> _______________________________________________
>> specs mailing list
>> specs at openid.net
>> http://openid.net/mailman/listinfo/specs
>
>
More information about the specs
mailing list