You may be recieving this twice, but I got a bounce last time I tried to
send it....
Anyway, I am writing a program to do distributed dictionary attacks
against CRAM style authentication and was attempting to enumerate all
protocols that used CRAM and I ran across a new auth mechanism
that MS is using for single sign-on to hotmail and Microsoft
Money and some other MSN sites..its called Microsoft Passport....I
searched all over Microsoft's site for technical information on it so that
I could evaluate it for weaknesses. So the question is:
Does anyone have any technical details on Microsoft Passport?
I would greatly appreciate them as I would enjoy throwing more mud in
Microsoft's eye.
-Justin Chapweske
