Monthly Archives: August 2013


Vulnerability Alert – OpenID 2.0 Implementations Vulnerabilities found in some OPs 5

Please be advised a number of OpenID Authentication 2.0 server implementations were found to be vulnerable due to non-compliance to the normative requirements of the OpenID Authentication 2.0 specification. The nature of the vulnerability In section 11.4.2.1 of the OpenID Authentication 2.0, it is stated that “For verifying signatures an […]