RE: attribute exchange value encoding

I agree with Claus. We may not need a base64 type. Guoping -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Claus Färber Sent: Tuesday, May 29, 2007 3:33 AM To: specs@openid.net Subject: Re: attribute exchange value encoding Johnny Bufu schrieb: The

RE: attribute exchange value encoding

Johnny: I have a couple comments on Section 3.3.2 Default Encoding of a Binary Value. First, the character set of standard Base64 encoding is not URL-safe. Specifically, '+', '/' and '=' need to be URL-encoded. So, we need to URL-encode the value after base64 encoding. Secondly, different

RE: Proposal for improved security of association establishment in OpenID2.0

Hans: Thank you for your comments. I agree with you that not vulnerable to *this* man in the middle attack is more accurate. Regards, Guoping -Original Message- From: Granqvist, Hans [mailto:[EMAIL PROTECTED] Sent: Friday, May 18, 2007 10:14 AM To: Guoping Liu; OpenID specs list