Comments (2)

  1. andarno says:

    DON’T USE the library Mads offers.  It’s sorely incomplete and COMPLETELY INSECURE.  Any site using his OpenId class can be hacked with a single word change in the URL to log in as anyone at all.  

    Check out http://dotnetopenid.googlecode.com for a complete and secure library.

  2. DotNetInterop says:

    Hmmm, interesting!  So, Andarno, can you cite an analysis of the openID libraries for .NET, or better, of openID libraries in general?    I’d like to get the lowdown. Has anyone written up anything more formal?

    Thanks

    -Dino