I agree with Claus. We may not need a base64 type.
Guoping
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Claus Färber
Sent: Tuesday, May 29, 2007 3:33 AM
To: specs@openid.net
Subject: Re: attribute exchange value encoding
Johnny Bufu schrieb:
The
Johnny:
I have a couple comments on Section 3.3.2 Default Encoding of a Binary
Value.
First, the character set of standard Base64 encoding is not URL-safe.
Specifically, '+', '/' and '=' need to be URL-encoded. So, we need to
URL-encode the value after base64 encoding.
Secondly, different
Hans:
Thank you for your comments. I agree with you that not vulnerable to
*this* man in the middle attack is more accurate.
Regards,
Guoping
-Original Message-
From: Granqvist, Hans [mailto:[EMAIL PROTECTED]
Sent: Friday, May 18, 2007 10:14 AM
To: Guoping Liu; OpenID specs list