urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

closing with explanation

master
Joey Hess 2008-02-24 17:31:18 -05:00
parent 4eabb3cb7a
commit b045e3124a
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
doc/bugs/ssl_certificates_not_checked_with_openid.mdwn
View File

@ -7,3 +7,19 @@ Test #2: Download net\_ssl\_test from dodgy source (it uses the same SSL perl li
For now, I want to try and resolve the issues with net\_ssl\_test, and run more tests. However, in the meantime, I thought I would document the issue here.
-- Brian May
> Openid's security model does not rely on the openid consumer (ie,
> ikiwiki) performing any sanity checking of the openid server. All the
> security authentication goes on between your web browser and the openid
> server. This may involve ssl, or not.
>
> For example, my openid is "http://joey.kitenet.net/". If I log in with
> this openid, ikiwiki connects to that http url to determine what openid
> server it uses, and then redirects my browser to the server
> (https://www.myopenid.com/server), which validates the user and redirects
> the browser back to ikiwiki with a flag set indicating that the openid
> was validated. At no point does ikiwiki need to verify that the https url
> is good.
> --[[Joey]]
[[tag done]]