[EMAIL PROTECTED] wrote: > In short, associations are useful for reducing the cost of verifying > assertions by allowing the verification to be performed by the RP. > However they do not add to the resistance to MITM attacks.
So you found it as easy to set up a fake OP as it is to proxy-change a DV 'no' to 'yes' down-stream? I bet you didn't. And that complexity difference is the added resistance. -Hans _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
