In June we made a change in SSO requirements: https://groups.google.com/group/google-apps-apis/browse_thread/thread/35c9d1a049ef71f3
It was in response to an issue which security researchers reported to us about the Google Apps SAML service provider. Now that the details of the security issue are published: http://www.kb.cert.org/vuls/id/612636 we would like to thank Alessandro Armando, Roberto Carbone, Luca Compagna, Jorge Cuellar, and Llanos Tobarra Abad with the AVANTSSAR project for responsible disclosure of this vulnerability. Their paper which describes using a model checker on the SAML protocol implementation to uncover a vulnerability is here: http://www.ai-lab.it/armando/pub/fmse9-armando.pdf -alex --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
