Bogdan-Andrei Iancu wrote: > Juha, > > I'm not saying that re-using the nonce is against RFC and that the phone > is broken - I'm saying it is a security issue (stolen credentials) and > rejecting such auth requests does not break anything. >
Can this new security mechanism be disabled (in case something goes wrong and cannot be easily fixed), so that it'll go back to the old behavior? -- Dan _______________________________________________ Devel mailing list Devel@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/devel
