Final outstanding issues with the OpenID 2.0 Authenticationspecification
Dick Hardt
dick at sxip.com
Sun Jun 3 22:32:22 UTC 2007
On 17-May-07, at 10:57 PM, Alaric Dailey wrote:
> I hate to be a PITA but these issues were brought up a while ago by
> Eddy
> Nigg and Myself.
>
>
>
>
>
> -----Original Message-----
> From: joshhoyt at gmail.com [mailto:joshhoyt at gmail.com] On Behalf Of
> Josh Hoyt
> Sent: Thursday, May 17, 2007 15:50
> To: Alaric Dailey
> Cc: OpenID specs list
> Subject: Re: Final outstanding issues with the OpenID 2.0
> Authenticationspecification
>
> On 5/17/07, Alaric Dailey <alaricdailey at hotmail.com> wrote:
>> There are 2 issues that I would like to see addressed.
>>
>> 1. Forcing Encryption, to protect users data en-route.
This could be an extension. Enabling Encryption is an option. Hard
sell to force encryption.
>> 2. Validated assertions, validating certain bits of data with a third
> party.
>>
>> I know both of these have come up before, but have met with
>> resistence, I would submit that with Sun and AOL supporting OpenID
>> that these issues become more important, especially protecting the
>> users
> data.
We have done this type of stuff with Attribute Exchange.
More information about the specs
mailing list