Comments on Wang-Chen-Wang paper on OpenID Implementation Vulnerability

In the paper titled “Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services“, Rui Wang, Shuo Chen, XiaoFeng Wang reported the “vulnerability” in some OpenID 2.0 implementations. The vulnerability they listed can probably be named as “OpenID Signature Check Failure” …