04, 2008 6:14 AM
To: Trevor Johns
Cc: 'OpenID specs list'
Subject: Re: OpenID Email Discovery
On Jan 4, 2008, at 12:07 PM, Trevor Johns wrote:
On Jan 4, 2008, at 1:59 AM, Artur Bergman wrote:
Fair or not, I am tired of hearing how un-secure DNS, when
everything
we do is based
On Jan 4, 2008, at 12:45 AM, Artur Bergman wrote:
On Jan 4, 2008, at 7:28 AM, Trevor Johns wrote:
6. I can't see how this can be used securely. DNS is highly
vulnerable
to attack.
Which is why the internet isn't working at all. Ever, Never!
Hey, that's not fair!
DNS is well designed
On Jan 4, 2008, at 12:07 PM, Trevor Johns wrote:
On Jan 4, 2008, at 1:59 AM, Artur Bergman wrote:
Fair or not, I am tired of hearing how un-secure DNS, when
everything we do is based on it, and it being the worlds largest
working distributed database.
There's a difference between
On Jan 4, 2008, at 10:16 AM, Trevor Johns wrote:
On Jan 4, 2008, at 12:45 AM, Artur Bergman wrote:
On Jan 4, 2008, at 7:28 AM, Trevor Johns wrote:
6. I can't see how this can be used securely. DNS is highly
vulnerable
to attack.
Which is why the internet isn't working at all. Ever,
On Jan 4, 2008, at 1:59 AM, Artur Bergman wrote:
Fair or not, I am tired of hearing how un-secure DNS, when
everything we do is based on it, and it being the worlds largest
working distributed database.
There's a difference between working and secure. For example, email
works great but
On Jan 3, 2008, at 6:03 PM, Hallam-Baker, Phillip wrote:
NAPTR is an ietf proposed standard but there is no deployed base.
well, there certainly are deployed bases where i sit, since we have
DNS zones in operation with well over 40M entries... most of which
are NAPTR RR's, and many, many
AM
To: Hallam-Baker, Phillip
Cc: Eran Hammer-Lahav; OpenID specs list
Subject: Re: OpenID Email Discovery
On Jan 3, 2008, at 6:03 PM, Hallam-Baker, Phillip wrote:
NAPTR is an ietf proposed standard but there is no deployed base.
well, there certainly are deployed bases where i sit, since we
On Jan 4, 2008, at 3:14 AM, Artur Bergman wrote:
You can always go out and use DNSSEC.
That would certainly be a solution. However, isn't DNSSEC not yet
widely deployed?
Isn't this just a lookup of email address - openid/url that is then
handled as a normal openid login?
I'm not sure I
:[EMAIL PROTECTED] On Behalf
Of Hallam-Baker, Phillip
Sent: Thursday, January 03, 2008 3:03 PM
To: Peter Davis
Cc: OpenID specs list
Subject: Re: OpenID Email Discovery
NAPTR is an ietf proposed standard but there is no deployed base. SRV has
been supported in windows since 2000 and bind since
On Jan 4, 2008, at 6:29 PM, Trevor Johns wrote:
You can always go out and use DNSSEC.
That would certainly be a solution. However, isn't DNSSEC not yet
widely deployed?
bingo, the world hasn't seen the need for it
Isn't this just a lookup of email address - openid/url that is
then
'
Subject: Re: OpenID Email Discovery
On Jan 4, 2008, at 1:59 AM, Artur Bergman wrote:
Fair or not, I am tired of hearing how un-secure DNS, when
everything
we do is based on it, and it being the worlds largest working
distributed database.
There's a difference between working and secure
: 'OpenID specs list'
Subject: Re: OpenID Email Discovery
On Jan 4, 2008, at 12:07 PM, Trevor Johns wrote:
On Jan 4, 2008, at 1:59 AM, Artur Bergman wrote:
Fair or not, I am tired of hearing how un-secure DNS, when
everything
we do is based on it, and it being the worlds largest working
(The full story is posted at
http://www.hueniverse.com/hueniverse/2008/01/addressing-open.html but this
contains the technical parts of the post).
This proposal adds Email Discovery allowing users to use their email address as
an OpenID.
...
We need to map between the email to the OpenID
:01 PM
To: 'OpenID specs list'
Subject: OpenID Email Discovery
(The full story is posted at
http://www.hueniverse.com/hueniverse/2008/01/addressing-open.html but this
contains the technical parts of the post).
This proposal adds Email Discovery allowing users to use their email address
] on behalf of Eran Hammer-Lahav
Sent: Thu 03/01/2008 4:01 PM
To: 'OpenID specs list'
Subject: OpenID Email Discovery
(The full story is posted at http://www.hueniverse.com/hueniverse/
2008/01/addressing-open.html but this contains the technical parts
of the post).
This proposal adds Email
process that I'm
missing?
=Drummond
_
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Hallam-Baker, Phillip
Sent: Thursday, January 03, 2008 3:03 PM
To: Peter Davis
Cc: OpenID specs list
Subject: Re: OpenID Email Discovery
NAPTR is an ietf proposed standard
On Jan 3, 2008, at 1:01 PM, Eran Hammer-Lahav wrote:
(The full story is posted at
http://www.hueniverse.com/hueniverse/2008/01/addressing-open.html
but this contains the technical parts of the post).
This proposal adds Email Discovery allowing users to use their email
address as an
On Jan 3, 2008, at 10:28 PM, Trevor Johns wrote:
Erin,
While it sounds nice at first glance, there's are a number of problems
I see with this:
Oh, and one more I thought up right after I hit send:
7. If their email provider is willing to set up an OP they'd probably
also be willing to
18 matches
Mail list logo