Archives for the Date October 23rd, 2007

Verisign fix overlay vulnerability

I’m pleased to announce Verisign have fixed the CSS overlay vulnerability I disclosed. It is good news that the OpenID providers respond well to security reports as I think security is extremely important especially with a single sign on service. Verisign acted very professionally and communicated well and fixed the flaw promptly.