Eric Sachs


Vulnerability report: Data confusion 5

In May of last year a group of security researchers identified a flaw in some OpenID implementations.  They have recently identified a related flaw in some OpenID implementations.  See data-confusion-bugreport (1) for their report. The researchers contacted the main websites impacted, and those sites have deployed a fix. OpenID Foundation board members have […]