Re: [Savannah-users] single sign-on

savannah-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-users] single sign-on

From:	Sylvain Beucler
Subject:	Re: [Savannah-users] single sign-on
Date:	Fri, 31 Jul 2009 23:36:24 +0200
User-agent:	Mutt/1.5.20 (2009-06-14)

On Fri, Jul 31, 2009 at 05:49:30PM +0100, Davi Diaz wrote:
> Karl Goetz wrote:
> > OpenID consumer support?
> 
> No, please!  It is weak in security. I would like do not have to repeat here 
> the discussion with dachary at IRC about the security weakness of the OpenID 
> standard.
> 
> Please, do not build infrastructures on weak bases!

<police mode>

- when things are moving off-topic, please change the subject

- back up your claims

</police mode>

Last time I discussed OpenID I understood it was an evolving
technology, so facts from 1 or 2 years ago probably don't apply
anymore, and was otherwise secure. AFAIU the main weakness would be a
use of shared-key cryptography on the first sp<->idp connection - are
you refering to that?.

-- 
Sylvain

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Savannah-users] Removing inactive user accounts, (continued)
- Re: [Savannah-users] Removing inactive user accounts, Randy Kramer, 2009/07/30
  - Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/30
    - Re: [Savannah-users] Removing old user accounts with no past activity, Donn, 2009/07/30
- Re: [Savannah-users] Removing inactive user accounts, list, 2009/07/30
  - Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/30
    - Re: [Savannah-users] Removing old user accounts with no past activity, Nicodemo Alvaro, 2009/07/30
    - Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/30
    - Re: [Savannah-users] Removing old user accounts with no past activity, Nicodemo Alvaro, 2009/07/30
    - Re: [Savannah-users] Removing old user accounts with no past activity, Karl Goetz, 2009/07/30
    - Re: [Savannah-users] Removing old user accounts with no past activity, Davi Diaz, 2009/07/31
    - Re: [Savannah-users] single sign-on, Sylvain Beucler <=
    - Re: [Savannah-users] OpenID security? Is it a joke?, Davi Leal, 2009/07/31
    - Re: [Savannah-users] Removing old user accounts with no past activity, Karl Goetz, 2009/07/31
    - Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/31
    - Re: [Savannah-users] Removing old user accounts with no past activity, Ray Wang, 2009/07/31
    - Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/31
    - Re: [Savannah-users] Removing old user accounts with no past activity, Karl Goetz, 2009/07/31
    - [Savannah-users] Re: Removing old user accounts with no past activity, Miles Bader, 2009/07/31
    - Re: [Savannah-users] Removing old user accounts with no past activity, Davi Leal, 2009/07/31
- Re: [Savannah-users] Removing inactive user accounts, Karl Goetz, 2009/07/30
  - Re: [Savannah-users] Removing old user accounts with no past activity, Sylvain Beucler, 2009/07/30

Prev by Date: Re: [Savannah-users] Removing old user accounts with no past activity
Next by Date: Re: [Savannah-users] OpenID security? Is it a joke?
Previous by thread: Re: [Savannah-users] Removing old user accounts with no past activity
Next by thread: Re: [Savannah-users] OpenID security? Is it a joke?
Index(es):
- Date
- Thread