Matthew Stephen Hartmann

My feedback

  1. 310 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    115 comments  ·  Ideas  ·  Flag idea as inappropriate…  ·  Admin →

    That’s a great idea. It’s certainly something that OPs and RPs should take into consideration.

    There is currently some conversations going on about an OpenID Security Best Practices document; while the spec shouldn’t mandate SSL, it certainly should present the case for supporting it, ideally in a best practices doc.

    An error occurred while saving the comment
    Matthew Stephen Hartmann commented  · 

    i believe SSL should be required to be OpenID compatible. why risk sending ANY information through the cloud in plain text? i typically keep away from any site that doesn't offer SSL encrypted connections. just my thoughts, though.

Feedback and Knowledge Base