| Yubico Forum https://forum.yubico.com/ |
|
| What kind of data is transmitted to the client? https://forum.yubico.com/viewtopic.php?f=16&t=634 |
Page 1 of 1 |
| Author: | jochen [ Wed Feb 09, 2011 3:33 pm ] |
| Post subject: | What kind of data is transmitted to the client? |
What kind of personal data ist transmitted from the yubico server to the client? Is there some test client on the net where I can see what personal data is transmitted from some OpenID? |
|
| Author: | Simon [ Thu Feb 10, 2011 9:02 pm ] |
| Post subject: | Re: What kind of data is transmitted to the client? |
The OpenID server does not have any personal information at all except for what the user is providing by using the service -- i.e., your openid url and your yubikey prefix. The server only checks that it gets a valid YubiKey OTP for the requested yubikey. The source code is available from: http://code.google.com/p/yubico-openid-server/ Hope this clarifies, let me know if you have additional questions. /Simon |
|
| Author: | Redhatter [ Wed Feb 16, 2011 1:39 pm ] |
| Post subject: | Re: What kind of data is transmitted to the client? |
This is one big failing with OpenID IMO in that there's no official test site where you can check what an OpenID provider is passing on. I found some code that is intended as a demo for an OpenID client and have set it up at http://openid.longlandclan.yi.org/test/ but I notice it doesn't handle delegated OpenIDs properly. You're certainly welcome to give it a shot there and play with it. If I figure out how to make the library reveal more information about what it was told, I'll update it. |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|