Matthew Stephen Hartmann

My feedback

  1. 310 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    97 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →

    That’s a great idea. It’s certainly something that OPs and RPs should take into consideration.

    There is currently some conversations going on about an OpenID Security Best Practices document; while the spec shouldn’t mandate SSL, it certainly should present the case for supporting it, ideally in a best practices doc.

    An error occurred while saving the comment
    Matthew Stephen Hartmann commented  · 

    i believe SSL should be required to be OpenID compatible. why risk sending ANY information through the cloud in plain text? i typically keep away from any site that doesn't offer SSL encrypted connections. just my thoughts, though.

Feedback and Knowledge Base