-Original Message-
From: Peter Watkins [mailto:pet...@tux.org]
Sent: Friday, February 06, 2009 8:29 PM
To: McGovern, James F (HTSC, IT)
Cc: specs@openid.net
Subject: Re: OpenID Security
What do you mean, the implementation? There is no the
implementation.
Are you arguing that for the
Likewise, the protocol can be defined as weak where someone may
apply additive security on top of it. Kinda like doing SMTP over TLS
and/or S/MIME.
Is that what Ben Laurie meant in the footnote?
http://openid.net/pipermail/security/2008-August/000404.html
A given implementation of OpenID