-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all
I have decided to release details of the MyOpenID poc which is available at :- http://www.thespanner.co.uk/2007/06/29/openid-security-issues/ The POC no longer works because MyOpenID fixed the problem months ago, I have also worked with other providers to make sure they are secure against this type of attack. Please examine the code because it will help you understand attacks of this nature. Cheers Gareth -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkaFHwsACgkQrR8fg3y/m1B1hgP9Hi4JB2N/Ba56ifjw144DP4RImmmY cCxcPhKPsHgMXwOGPoYpHj00/MWMGTNppluw9XC1KHnRS9kT0mHTrzjyETxPlr/+du44 ZlrNd5zdi8oJp1SzNW/GBJohbm8b3Rt6V8gLpJYwEK/ebTiuqh9tR2m88xhHnWNt4HIJ VNKTAQE= =h3/u -----END PGP SIGNATURE----- -- Click for free quote on refinancing your mortgage. http://tagline.hushmail.com/fc/Ioyw6h4d84nXzxciaSo6H0UzLVMK3KvqWxNBEJSMae5a8R6uh6PU1e/ _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
