tag:blogger.com,1999:blog-8271855.post7571947150417015251..comments2008-11-01T05:29:38.517-07:00Comments on Thoda sa main...(A little bit of me): My take on OpenIDRohit Srivastwahttp://www.blogger.com/profile/10024873320275519064noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-8271855.post-19144280549765983402008-11-01T05:29:00.000-07:002008-11-01T05:29:00.000-07:00@Dhananjay <br>XSS and CSRF can be used for many "...@Dhananjay <BR/>XSS and CSRF can be used for many "good" things.<BR/>Depending on client side security life FF extension is not a very good idea, I feel client side security is for geeks only, what about common man. Even you know how much a common man knows about security<BR/><BR/>@Vikram<BR/>Frankly telling, I haven't tried any attack on CardSpace yet. So can't comment at this moment. If you do so, please let me also know.Rohit Srivastwahttp://www.blogger.com/profile/10024873320275519064noreply@blogger.comtag:blogger.com,1999:blog-8271855.post-34355466651978525002008-11-01T03:50:00.000-07:002008-11-01T03:50:00.000-07:00Are those vulnerabilities with OpenID are with Car...Are those vulnerabilities with OpenID are with CardSpace too? , I believe both works on almost same methodology.Vikram Pendsehttp://www.blogger.com/profile/01410458827520236058noreply@blogger.comtag:blogger.com,1999:blog-8271855.post-79111743700553782272008-10-30T21:44:00.000-07:002008-10-30T21:44:00.000-07:00Nice presentation. I was not sure how CSRF or XSS ...Nice presentation. I was not sure how CSRF or XSS vulnerabilities would get particularly influenced for better or for worse by using OpenID. <BR/><BR/>Phishing of course is a big problem, and using extensions such as Seatbelt for Firefox might be useful.Dhananjay Nenehttp://www.blogger.com/profile/07819637025260464815noreply@blogger.com