-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all
I have been thinking about 2 possible flaws with OpenID providers, I haven't had time to test any of them however because I've started work on another project. Now they might not even exist or they could possibly create huge flaws in every provider worse case. I would like someone to test my theories and see if the holes are possible to exploit. What do you think it the best policy here? Do you think it is safe for me to publically dicuss this? Cheers Gareth -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkYkkkMACgkQrR8fg3y/m1CtSgP/Rn/9x6Syj2+h4Cig9Q7xckz10H2m MwGyZ1CDMrFlQjR0tAeLA2PVspbm+FsxsJawd5xwDFye3r4dUo4FBHew+1DFpeENXkK9 R+hzov+nWtDsyWD/KkGMNnJKhtk7Olg2I8A3I7wJk0W60L0FYJcPrkUoInHrk3vFl25z SIY13Iw= =gJCA -----END PGP SIGNATURE----- -- Click for dental plans with huge savings, top service and coverage http://tagline.hushmail.com/fc/CAaCXv1KbKwI3IpjFWyPg3WhkB9IL5tz/ _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
