Me too ;-) There are tradeoffs, no question -- and I used the verb "suggest" to indicate only a weak preference, on balance.
On Jan 23, 2007, at 14:19, Hallam-Baker, Phillip wrote: > I get really worried whenever I see such statements. They tend to > be the sign of a long drawn out specification effort rather than a > short one. > > If you want to change the Internet you have a lot of gatekeepers to > convince. Deciding that you don't have time to do that is usually a > mistake. > > The key is to understand which parties are really gatekeepers and > which are not. Two gatekeepers that must be convinced here are the > security cabal and the open source community. > >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of Johannes Ernst >> Sent: Tuesday, January 23, 2007 3:57 PM >> To: Recordon, David >> Cc: specs@openid.net >> Subject: Re: OpenID Auth 2.0 security considerations >> >> Given where we are in time, I would suggest to make the >> smallest amount of changes possible to the document, i.e. >> leave everything as is, just add this one link. >> >> >> On Jan 23, 2007, at 11:59, Recordon, David wrote: >> >>> I don't see a problem with that. >>> >>> Would you propose the majority of the security >> considerations section >>> in the current draft be moved to the wiki? What would be >> the balance >>> between spec and wiki page? >>> >>> --David >>> >>> -----Original Message----- >>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >>> Behalf Of Johannes Ernst >>> Sent: Monday, January 22, 2007 12:15 PM >>> To: specs@openid.net >>> Subject: OpenID Auth 2.0 security considerations >>> >>> What about a non-normative link from the spec to a place on >> the wiki >>> where we can collect security considerations for it, and >> update those >>> in real-time as discussions such as the phishing one progress. >>> >>> >>> >>> _______________________________________________ >>> specs mailing list >>> specs@openid.net >>> http://openid.net/mailman/listinfo/specs >> >> _______________________________________________ >> specs mailing list >> specs@openid.net >> http://openid.net/mailman/listinfo/specs >> _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs