Association Handles and Service URIs
Marius Scurtescu
marius at sxip.com
Tue Aug 29 21:56:05 UTC 2006
On 25-Aug-06, at 3:24 PM, Marius Scurtescu wrote:
> On 25-Aug-06, at 10:52 AM, Kevin Turner wrote:
>
>> You're right, there is typically only one active association. I suppose
>> there is a borderline case where the RP sends a request with one
>> association handle, but in the time between when you make the request
>> and get a response, a new association has been established... but since
>> new associations are typically only established when the old one becomes
>> invalid, it's questionable if you should accept the response in that
>> case anyway.
>
> You bring up a good point, what happens if a new association is
> established while there are active transactions? If you don't
> accept the transaction then this leads to bad user experience. I
> can see two solutions here:
> - if the association based verification fails then fall back to
> direct verification (this would also prevent the DoS attack
> described above), but the spec should allow you to do this
> - allow multiple associations to be active, you will ask for a new
> association before the previous one expired and then unfinished
> transactions can still complete properly, this complicates
> association management a bit
The fallback to direct verification is not possible; the key used
for the signature would be totally different.
Another option would be to establish a new association and then
bounce the user back to the server and ask for an immediate
authentication (check_immediate) this time.
So, solving this issue is totally up to the client implementor? Any
suggestions or hints planned for the spec?
Marius
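As an added example (my own code, not from this thread or from any OpenID library), here is the second option discussed above on the RP side: keep every unexpired association indexed by its handle, so a response signed under an older handle still verifies after a newer association has been established. The signing follows OpenID's key-value convention (one `key:value` line per signed field, HMAC-SHA1 over those lines, base64 of the MAC); the handles, MAC keys, identity URL and return_to URL are constructed for the demo. An unknown or expired handle is only reported here; what the RP does next is the open question this thread raises.

```python
import base64
import hashlib
import hmac
import time
from dataclasses import dataclass


@dataclass
class Association:
    """One RP/server shared secret, as returned by an associate request."""
    handle: str
    mac_key: bytes
    expires_at: float  # absolute time, seconds


class AssociationStore:
    """RP-side store that keeps every unexpired association, keyed by handle.

    Establishing a new association does not evict the previous one, so
    transactions started under the old handle can still be verified.
    """

    def __init__(self):
        self._by_handle = {}

    def add(self, assoc):
        self._by_handle[assoc.handle] = assoc

    def get(self, handle, now=None):
        now = time.time() if now is None else now
        assoc = self._by_handle.get(handle)
        if assoc is None or assoc.expires_at <= now:
            return None
        return assoc

    def purge_expired(self, now=None):
        now = time.time() if now is None else now
        self._by_handle = {h: a for h, a in self._by_handle.items() if a.expires_at > now}
        return len(self._by_handle)


def token_to_sign(fields, signed):
    """Key-value form of the signed fields, in the order the server listed them."""
    return "".join(f"{k}:{fields[k]}\n" for k in signed).encode()


def sign(assoc, fields, signed):
    mac = hmac.new(assoc.mac_key, token_to_sign(fields, signed), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()


def verify_with_store(store, response, now=None):
    """Return 'ok', 'unknown_handle' (no usable association) or 'bad_signature'."""
    assoc = store.get(response["assoc_handle"], now)
    if assoc is None:
        # No live association for this handle: association-based verification
        # cannot proceed, and the RP must decide how to handle the transaction.
        return "unknown_handle"
    signed = response["signed"].split(",")
    expected = sign(assoc, response, signed)
    # Constant-time comparison of the two base64 strings.
    return "ok" if hmac.compare_digest(expected, response["sig"]) else "bad_signature"


def demo(now=1_000_000.0):
    """Old handle still verifies after a new association; bad cases are rejected."""
    store = AssociationStore()
    old = Association("h-old", b"constructed-mac-key-A", expires_at=now + 600)
    store.add(old)
    # A transaction is started under h-old; before it completes, the RP
    # establishes a fresh association (constructed values).
    store.add(Association("h-new", b"constructed-mac-key-B", expires_at=now + 1800))

    signed = ["mode", "identity", "return_to"]
    response = {
        "mode": "id_res",
        "identity": "http://alice.example/",
        "return_to": "http://rp.example/finish",
        "assoc_handle": "h-old",
        "signed": ",".join(signed),
    }
    response["sig"] = sign(old, response, signed)  # what the server would send

    still_ok = verify_with_store(store, response, now + 100)
    unknown = verify_with_store(store, dict(response, assoc_handle="h-gone"), now + 100)
    tampered = verify_with_store(store, dict(response, identity="http://mallory.example/"), now + 100)
    expired = verify_with_store(store, response, now + 700)  # h-old has expired by then
    return still_ok, unknown, tampered, expired


if __name__ == "__main__":
    print(demo())
```

The store is deliberately small: the only management it adds over a single-association design is the per-handle expiry and `purge_expired`, which is the "complicates association management a bit" cost mentioned above.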