[WEB SECURITY] Social login / federated identity
brian at omniti.com
Mon Feb 25 17:37:49 EST 2013
Tangentially related to your argument and interesting reading none the less
on how even very large companies can easily get things wrong.
On Sun, Feb 24, 2013 at 7:14 PM, Martin O'Neal <martin.oneal at corsaire.com>wrote:
> > I'm going to have to argue in favor of
> > federated identity but to be clear only
> > for WS-Federation.
> This isn't a matter of technology though, you're missing the point.
> SSO as a concept is a good one, within the same security domain. Such as
> inside a cluster of applications from a single vendor.
> However, handing your auth over to facebook isn't the same thing at all.
> The Web Security Mailing List
> WebSecurity RSS Feed
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> websecurity at lists.webappsec.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity