Hi all I've create a proof of concept which highlights the problem of single sign on providers not providing iframe protection and remembering the password.
The demo uses a Verisign account (It was the first provider I found without iframe protection) <http://www.thespanner.co.uk/2007/09/28/openid-security-css- overlays/> Cheers Gareth _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
