[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [imi] Question regarding encryption
Mario Ivkovic wrote on 2009-12-07: > I was thinking of a government-driven IdP where users probably don't want > the IdP to know all services they use. The problem is that bearer tokens are not very safe to use without audience restrictions. Non-auditing mode is fine in theory and broken in practice unless a holder of key model is used. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]