Aaron Parecki

Friday, July 22, 2022

• 
• 

  Contributions from: France, Korea, Republic of, Kuwait, Romania, Russian Federation, Sweden, United Kingdom, United States

  Fri, Jul 22, 2022 12:13am -07:00
• 

  11:23pm

  Asleep

  6:44am

  Awake

  7h 21m

  Slept

  25m

  Awake for

  

  Portland, Oregon, USA

  Fri, Jul 22, 2022 6:44am -07:00
• Tobias Zuegel 🇺🇦 | #AzureAD https://twitter.com/MrAzureAD   •   Jul 22

  Not talking about the protocol itself. Just how easy it is for a SaaS vendor to provide configuration information that can be followed by the IT department of the customer.
  

  I'm really curious about this, can you link me to some docs that you've seen that demonstrate this difference?

  Portland, Oregon, USA • 60°F

  1 like 1 reply

  Fri, Jul 22, 2022 7:41am -07:00
• 

  Contributions from: France, Korea, Republic of, Kuwait, Romania, Russian Federation, Singapore, Sweden, United Kingdom, United States

  Fri, Jul 22, 2022 8:31am -07:00
• Yann Crumeyrolle https://twitter.com/ycrumeyrolle   •   Jul 22

  Same protocol, same risk (sic). And moreover OAuth2 is not secure because it require TLS.
  
  Happy to have fought all this false assertions , but we still have SAML when connecting to old SaaS.
  

  that's...wrong and also just a weird thing to say. There's also FAPI which is a secure profile of OAuth and OpenID Connect.

  Portland, Oregon, USA • 63°F

  1 like 1 reply

  Fri, Jul 22, 2022 10:06am -07:00
• Christos Karras https://twitter.com/ckarras

  I can’t wait for something better than OIDC to be introduced.
  - Poor user experience
  - Poor developer experience: “just use a library to hide all the complexity” doesn’t work, you have to understand the underlying protocol to ensure the library is used correctly

  Portland, Oregon • 63°F

  Fri, Jul 22, 2022 12:17am +00:00 (liked on Fri, Jul 22, 2022 10:12am -07:00)
• Christos Karras https://twitter.com/ckarras   •   Jul 22

  - Having a SSO authentication form as a web page instead of a special OS window facilitates various phishing attempts
  

  hardware authenticators like Yubikey/FaceID/TouchID solve the phishing problem with OIDC at least, but I'm expecting we're going to see some interesting OS-facilitated login flows in the near future

  Portland, Oregon, USA • 63°F

  Fri, Jul 22, 2022 10:16am -07:00
• The New Technology Powering Europe’s COVID Certificates (www.securid.com)

  Fri, Jul 22, 2022 1:57pm -07:00 #identity #blockchain #verifiablecredentials #vc
• SSI-on-Blockchain is Objectively a Bad Thing | Niko’s Blog (weh.wtf)

  Fri, Jul 22, 2022 2:11pm -07:00 #ssi #blockchain #identity
• 44Net Wiki (wiki.ampr.org)

  Fri, Jul 22, 2022 2:54pm -07:00 #hamradio #ampr #radio

• Are the new ATEM SDI & ATEM SDI Extreme ISO switchers worth it?

  

  Blackmagic just announced a new lineup of ATEM Minis with SDI instead of HDMI! Find out how these new SDI switchers stack up against the original HDMI ATEM Minis and the new Constellation HDs!

  continue reading...

  Fri, Jul 22, 2022 6:33pm -07:00
• 

  Contributions from: France, Indonesia, Korea, Republic of, Kuwait, Romania, Russian Federation, Singapore, Sweden, Turkey, United Kingdom, United States

  Fri, Jul 22, 2022 8:24pm -07:00