Home » Download » Modules » OpenID Provider » Issues

Association expire, explain it at the UI

Aron Novak - March 7, 2009 - 15:49
Project:OpenID Provider
Version:6.x-1.x-dev
Component:Code
Category:task
Priority:normal
Assigned:Unassigned
Status:reviewed & tested by the community
Description

Here is a patch to make the settings page more convient to the users what are not openid experts.

AttachmentSize
assoc_expire_description.patch1.05 KB
» Login or register to post comments

#1

anarcat - March 12, 2009 - 22:51
Status:needs review» needs work

I agree in principle, I would rephrase a little the message:

This timeout is necessary to ensure proper security of your identities. If an attacker sniffing the network gets a hold of the SHA1 hash and is somehow able to bruteforce it, he can perform a man in the middle attack and access the target site. Since brute force attacks take a long time, this timeout ensures this attack is impracticable.

Also, "Read more" could be "More information about this issue."

Login or register to post comments

#2

Aron Novak - March 19, 2009 - 11:04
AttachmentSize
394114_assoc_expire_description_1.patch 1.19 KB
Login or register to post comments

#3

Aron Novak - March 19, 2009 - 11:05
Status:needs work» needs review

Thank you for making the text more readable.

Login or register to post comments

#4

anarcat - March 21, 2009 - 18:15
Status:needs review» reviewed & tested by the community

Thanks. :) I therefore feel this is RTBC.

Login or register to post comments
 
 

Drupal is a registered trademark of Dries Buytaert.