Ben Laurie wrote: > David Recordon wrote: >> So, a modest proposal that I hope gets the conversation going again. >> http://openidconnect.com/ > > If the goal is to get something as weak as possible without it instantly > collapsing around your ears, then this sounds like a great plan.
Not a bad description of diffie-hellman based OpenID either. Got any more specific critiques of OAuth 2 for those of us who haven't yet heard security arguments against it? -- http://josephholsten.com _______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
