Gareth, Thanks. We all appreciate your efforts; they set a good precedent for how OpenID security fixes should work.
=Drummond -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Saturday, March 24, 2007 2:44 AM To: [email protected] Subject: [security] Site checking -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone I have no problems at all in checking anyones server for this Safari problem but because of the amount of emails I am receiving please could you do the following in your emails:- a) Provide me with a url to the register an OpenID account. b) Provide a link to the identity page for the service. c) If payment is required to register on your site, please provide a demo username + password. Which when my tests are complete you can delete. I want to do my best to help the OpenID community and you can expect me to provide more reports if any problems are found, if I do find any I shall always follow the following procedure:- 1. I shall inform any site first. 2. I shall post the problem to this list but without disclosing technical details. 3. Only when the site has fixed the problem and other OpenID servers are not affected will I then post any technical details to this list. Cheers Gareth -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkYE8tAACgkQrR8fg3y/m1B3BgP/RyOAIbHiC+O/6y1PRyWf6ixtP/7G jLjdMHAzi3a2n29XsX+oIB4NWKhfA7Msg0VO+WY3HVKKOH2r20PLazSScn7Zisda+qmF ZN8ilJSkRBwaAUUg5xsvGM3eIWWZ/NECKChCahqR9OyzzlEZnaFZy4AfSqzwR2AMMZyO C6zDUWM= =VARg -----END PGP SIGNATURE----- -- Click to consolidate debt and lower month expenses http://tagline.hushmail.com/fc/CAaCXv1QPxbs51VOlMsjPz4sStO08Ke5/ _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
