.Nat Zone

Digital Identity et al.

「 OpenID 2.0 」 一覧

no image

Covert Redirect is not new but.. A risk analysis and recommendations

So, there has been a flurry of worries induced by the CNET and other articles [1] about “Covert Redirect”. Like Leandro Boffi wrote in his blog post [2], this is not a new attack. It is an attack that has been …

no image

Comments on Wang-Chen-Wang paper on OpenID Implementation Vulnerability

  2012/04/27    identity ,

In the paper titled “Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services“, Rui Wang, Shuo Chen, XiaoFeng Wang reported the “vulnerability” in some OpenID 2.0 implementations. The vulnerability they …