the https: version for realm so that RP discovery cant be spoofed
via DNS.
Regards
John B.
On 13-May-09, at 2:10 AM, specs-requ...@openid.net wrote:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url is always HTTPS
Subject: Should we recommend that return_to url is always HTTPS? What
about realm?
To: OpenID Specs Mailing List specs@openid.net
Message-ID: c62fb26e.bce7%lshep...@facebook.com
mailto:c62fb26e.bce7%25lshep...@facebook.com
Content-Type: multipart/related;
boundary
:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url is always HTTPS?
What
about realm?
To: OpenID Specs Mailing List specs@openid.net
Message-ID: c62fb26e.bce7%lshep...@facebook.com mailto:c62fb26e.bce7%25lshep
the https: version for realm so that RP discovery cant be spoofed via DNS.
Regards
John B.
On 13-May-09, at 2:10 AM, specs-requ...@openid.net wrote:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url
:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url is always
HTTPS? What
about realm?
To: OpenID Specs Mailing List specs@openid.net
Message-ID: c62fb26e.bce7
be to always use
the https: version for realm so that RP discovery cant be spoofed via
DNS.
Regards
John B.
On 13-May-09, at 2:10 AM, specs-requ...@openid.net wrote:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url
.
Regards
John B.
On 13-May-09, at 2:10 AM, specs-requ...@openid.net wrote:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url is always
HTTPS? What
about
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url is always
HTTPS? What
about realm?
To: OpenID Specs Mailing List specs@openid.net
Message-ID: c62fb26e.bce7%lshep...@facebook.com
mailto:c62fb26e.bce7
that RP discovery cant be spoofed via DNS.
Regards
John B.
On 13-May-09, at 2:10 AM, specs-requ...@openid.net wrote:
Date: Tue, 12 May 2009 23:10:38 -0700
From: Luke Shepard lshep...@facebook.com
Subject: Should we recommend that return_to url is always HTTPS? What
about realm?
To: OpenID