Improving OpenIDs use of cryptography 1 - using a MAC
bhyde at pobox.com
Sat Jun 4 06:21:00 PDT 2005
On Jun 3, 2005, at 11:03 AM, Paul Crowley wrote:
> Ben Hyde wrote:
>> One thing I sort of like about the design as it stands is the lack of
>> any state/account/relationship between the client and id servers.
>> I'd prefer not to introduce real accounts between the client-server
>> <-> id-server.
> This proposal preserves those attributes.
> While you can cache the HMAC-SHA1 secret just as you can cache the DSA
> key, you don't have to. You only have to keep it for the lifespan of
> this one authentication attempt, and you have to have some state for
> that long anyway for security.
the client server does need to get it before requests the assertion,
correct? (no big deal, just being sure I'm following along).
> You can even use cunning tricks to encrypt it into the return URL if
> you don't want to store it.
actually my note drawing attention to the issue of account-relationship
between the client-server and the id-server was triggered by noticing
the cunning in play. that led me to wonder why such cunning wasn't
more common. my hypthisis was that in most systems an
account-relationship is established, at which point tricks of this
nature aren't the path of least resistance.
That reminded me that there at _lots_ of features that would leverage
an account relationship.
I wanted put the bee in people's noddle - recognize that what ever your
doing to maintain a pool of state in service of security is just the
tip of the iceberg of state that _lots_ of features would love to have.
I forecast sunny weather!
More information about the yadis