Download & Extend
OpenID Provider » Issues

Association expire, explain it at the UI

Posted by Aron Novak on March 7, 2009 at 3:49pm
Project:OpenID Provider
Version:6.x-1.x-dev
Component:Code
Category:task
Priority:normal
Assigned:Unassigned
Status:closed (fixed)

Issue Summary

Here is a patch to make the settings page more convient to the users what are not openid experts.

AttachmentSize
assoc_expire_description.patch1.05 KB
Login or register to post comments

Comments

#1

Posted by anarcat on March 12, 2009 at 10:51pm
Status:needs review» needs work

I agree in principle, I would rephrase a little the message:

This timeout is necessary to ensure proper security of your identities. If an attacker sniffing the network gets a hold of the SHA1 hash and is somehow able to bruteforce it, he can perform a man in the middle attack and access the target site. Since brute force attacks take a long time, this timeout ensures this attack is impracticable.

Also, "Read more" could be "More information about this issue."

#2

Posted by Aron Novak on March 19, 2009 at 11:04am
AttachmentSize
394114_assoc_expire_description_1.patch 1.19 KB

#3

Posted by Aron Novak on March 19, 2009 at 11:05am
Status:needs work» needs review

Thank you for making the text more readable.

#4

Posted by anarcat on March 21, 2009 at 6:15pm
Status:needs review» reviewed & tested by the community

Thanks. :) I therefore feel this is RTBC.

#5

Posted by walkah on February 14, 2010 at 11:34pm
Status:reviewed & tested by the community» fixed

committed! thanks guys. :-)

#6

Posted by System Message on February 28, 2010 at 11:40pm
Status:fixed» closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

nobody click here