[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-users] single sign-on
From: |
Sylvain Beucler |
Subject: |
Re: [Savannah-users] single sign-on |
Date: |
Fri, 31 Jul 2009 23:36:24 +0200 |
User-agent: |
Mutt/1.5.20 (2009-06-14) |
On Fri, Jul 31, 2009 at 05:49:30PM +0100, Davi Diaz wrote:
> Karl Goetz wrote:
> > OpenID consumer support?
>
> No, please! It is weak in security. I would like do not have to repeat here
> the discussion with dachary at IRC about the security weakness of the OpenID
> standard.
>
> Please, do not build infrastructures on weak bases!
<police mode>
- when things are moving off-topic, please change the subject
- back up your claims
</police mode>
Last time I discussed OpenID I understood it was an evolving
technology, so facts from 1 or 2 years ago probably don't apply
anymore, and was otherwise secure. AFAIU the main weakness would be a
use of shared-key cryptography on the first sp<->idp connection - are
you refering to that?.
--
Sylvain
- Re: [Savannah-users] Removing inactive user accounts, (continued)
- Re: [Savannah-users] Removing inactive user accounts, Randy Kramer, 2009/07/30
- Re: [Savannah-users] Removing inactive user accounts, list, 2009/07/30
- Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/30
- Re: [Savannah-users] Removing old user accounts with no past activity, Nicodemo Alvaro, 2009/07/30
- Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/30
- Re: [Savannah-users] Removing old user accounts with no past activity, Nicodemo Alvaro, 2009/07/30
- Re: [Savannah-users] Removing old user accounts with no past activity, Karl Goetz, 2009/07/30
- Re: [Savannah-users] Removing old user accounts with no past activity, Davi Diaz, 2009/07/31
- Re: [Savannah-users] single sign-on,
Sylvain Beucler <=
- Re: [Savannah-users] OpenID security? Is it a joke?, Davi Leal, 2009/07/31
- Re: [Savannah-users] Removing old user accounts with no past activity, Karl Goetz, 2009/07/31
- Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/31
- Re: [Savannah-users] Removing old user accounts with no past activity, Ray Wang, 2009/07/31
- Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/31
- Re: [Savannah-users] Removing old user accounts with no past activity, Karl Goetz, 2009/07/31
- [Savannah-users] Re: Removing old user accounts with no past activity, Miles Bader, 2009/07/31
- Re: [Savannah-users] Removing old user accounts with no past activity, Davi Leal, 2009/07/31
Re: [Savannah-users] Removing inactive user accounts, Karl Goetz, 2009/07/30