[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3
Dmitry Dulepov
dmitry at typo3.org
Mon Oct 20 13:06:55 CEST 2008
Hi!
Michael Stucki wrote:
> If I understand correctly, that would make the OpenID authentication
> pretty much insecure, right? Therefore, it may be questioned already if
> the else condition should be used at all.
Wrong. OpenID library will use its own random generation algorithm in this case. It is weaker than /dev/urandom but still good enough for most systems. Unless you work in NSA or Vatican Swiss guard, you will be ok with that built-in generator ;)
--
Dmitry Dulepov
TYPO3 Core team
My TYPO3 book: http://www.packtpub.com/typo3-extension-development/book
In the blog: http://typo3bloke.net/post-details/iphone_as_productivity_tool/
More information about the TYPO3-team-core
mailing list