Perhaps someone from VeriSign (Barry? Gary?) can comment on the viability of
http://xmlsig.sourceforge.net/
Hans
On Wed, Jun 10, 2009 at 11:54 PM, John Panzer wrote:
> My general impression is that something that requires two pieces of software
> to agree on an exact, bit for bit infoset repres
Sorry all. Something weird apparently happened with my FB account
Please ignore.
On Apr 8, 2009, at 18:29, Hans Granqvist > wrote:
facebook
Hans Granqvist has:
150 friends
7 photos
26 notes
18 wall posts
19 groups
Check out my photos on Facebook
Hi OpenID,
I set up a Facebook prof
://www.facebook.com/p.php?i=568401039&k=42CTX456PZ4M5ADGYKX2YV&r
specs@openid.net was invited to join Facebook by Hans Granqvist. If you do not
wish to receive this type of email from Facebook in the future, please click on
the link below to unsubscribe.
http://www.facebook.com/o.php?k=
'expires_in' relates to the length of the RP->OP assoc, not the
length of the EU->RP session.
I don't think that param is usable for you, unless I completely
misunderstand what you're trying to achieve, which I think
is that the end-user has to occasionally re-authenticate?
Hans
On Wed, Jul 2, 2
The membership application forms seem to be missing from
http://openid.net/foundation/join/.
Can someone look into it?
Thanks,
Hans
2008/4/25 Mike Jones <[EMAIL PROTECTED]>:
>
>
>
>
> In accordance with the OpenID Foundation IPR policies and procedures this
> note proposes the formation of a ne
I'm not sure what the new intellectual property policy means as
regards to discussing on the mailing lists. Do I implicitly agree
to this policy by posting ideas here? Can someone explain?
More info at
http://www.mail-archive.com/[EMAIL PROTECTED]/msg2.html
Thanks,
Hans
On 2/1/08, McGovern,
In essence, OpenID is a reaction to (perceived?) complexity, so it's an
uphill battle to reference SAML, XRI, or anything that touches on any
W3 or OASIS standard effort relating to XML and security, really.
So for OpenID, there has to be a simpler, "key/value-pair," way of
doing what's desired, i
Interesting idea.
Is there a way to do this via an RP-> OP SSL handshake? Web
apps typically don't have access to SSL private keys, at least
in larger deployments.
I wonder how your idea reduces network traffic, though. Don't
you still have to retrieve the public key, which is likely
larger than
re should be any material differences
> > with SREG 1.1 such as adding a few additional common fields.
>
> -1 on adding anything to SREG; that's what Attribute Exchange is for.
>
> Josh
> ___
> specs mailing list
> specs@openid.
t; _______
> specs mailing list
> specs@openid.net
> http://openid.net/mailman/listinfo/specs
>
>
--
Hans Granqvist
CTO
Phone: +1 (408) 524-1598
http://www.yubico.com/
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
A few comments:
* Would be great if all the namespace URLs resolved into live links.
It always helps in the XML world and probably would in here too.
* Section 4 Defined Authentication Policies
We've talked about this before, but I just want to restate that it is
a bad idea to name a policy base
> Ping demoed OpenID technology at RSA.
>
> I hear Novell and IBM are looking at supporting OpenID.
>
> Microsoft has said they will in future products.
>
> Oracle and CA are following OpenID.
>
> So, yes. :-)
>
I'm curious why almost all of these companies are non-existent
on the mailing lis
Daniel E. Renfer wrote:
> While I haven't been able to find a good list of domains that meet
> this requirement, what does everybody think of the idea that if you
> can't find a DNS entry for the domain part of the trust root then it's
> not a good candidate for a trust root.
>
> Maybe it's just m
I think it is a fallacy to embed too much meaning
into a namespace URL.
Encoding into a URL info like main, sub, and draft versions,
plus add extension names and versions, and similar will soon
end up with an ever-growing problem of trying to match
compatible namespaces in the future.
Hans
__
Recordon, David wrote:
> I'm planning to check in the following patch to the authentication spec
> later today unless anyone has STRONG objections. It says that SSL is
> not REQUIRED, though comes as close to saying that it is that I think we
> can. Josh, Mart, and I believe this is a good middle
Drummond Reed wrote:
> I think you may have me mistaken for somebody else on the list (. . .)
Double-blind anonymity in action? ;)
-Hans
___
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs
The security profiles drafts that we published a few weeks
back have been uploaded [1-2] to openid.net
These are works in progress, so feel free to chime in.
Hans
[1] http://openid.net/specs/
openid-authentication-2_0-security-profiles-01.txt
[2] http://openid.net/specs/
openid-
Marius Scurtescu wrote:
> On 16-Oct-06, at 2:44 PM, Josh Hoyt wrote:
>
>
>>On 10/16/06, Recordon, David <[EMAIL PROTECTED]> wrote:
>>
>>>6.1 Signed List Algorithm
>>
>>[...]
>>
>>>I'm thinking it would make sense to
>>>change this algorithm to first alphabetically sort the arguments
>>>to make
Chris Drake wrote:
> There seem to be a lot of people on this list who want to hate and
> loathe the IdP, and grant all power to the RP. I do not understand
> this reasoning: our users will select the IdP they trust and like,
> then they will be using a multitude of possibly hostile RPs
> thereaf
19 matches
Mail list logo
