Oh - and the random key is not a good idea because it makes replay
attacks far too easy - and is more work for the consumer (they have to
track each users random key).<br>
<br>
Ben<br><br><div><span class="gmail_quote">On 5/20/05, <b class="gmail_sendername">Sam Kramer</b> <<a href="mailto:slambo2001@gmail.com">slambo2001@gmail.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Instead of public keys, what if the OpenID server randomly generates a<br>small key, and tells the consumer to use it to encode the trackback?<br>I like this better than having optional public keys for consumers<br>because instead of the consumer having the decision about securing
<br>what they send, the OpenID server has the decision about requiring<br>what they receive to be secure. If the server doesn't care about the<br>security, it shouldn't have to put up with decrypting the trackback<br>info.
<br><br>Hope this makes some sense.<br>-Sam<br><br>On 5/19/05, Ben Nolan <<a href="mailto:bnolan@gmail.com">bnolan@gmail.com</a>> wrote:<br>><br>> (I'm ashamed of my url to private key idea) ;)<br>><br>> > If consumers had private keys (which would suck as a requirement... too
<br>> > much pain), then what do they get from signing a trackback? What does,<br>> > say, LiveJournal benefit from getting a trackback that's singed from<br>> > <a href="http://someblog.com">someblog.com
</a>? That we know it came from someblog and can trust it? We<br>> > can't trust the contents... so that the origin is correct? I'm not<br>> > bashing this idea... I just don't fully understand what's being
<br>> > verified/protected.<br>> ><br>><br>> We're verifying that the comment came from someblog. And we trust someblog<br>> to *some extent* (because we shared our identity with it) - so we'll trust
<br>> it enough to post a trackback to a comment we made. The purpose of this is<br>> that we can recieve notification of comments that we post in the<br>> 'blogosphere', so that I an keep a track of comments I make.
<br>><br>> The consumer could also use their public key to sign any posts they send to<br>> my weblog, so my identity server could tell my wordpress install to trust<br>> someblog - then if our atom api recieves a request with the querystring
<br>> params openid.trust_root=http://someblog/&openid.sig=...<br>> it'd know to accept that post.<br>><br>> It just seems a simple way to let consumers identify themselves to services<br>> other than the identity server.
<br>><br>> And the public key would be *totally* optional for consumers, but if we add<br>> a recommendation that ID servers record the URLs to consumers public keys,<br>> it gives us lots of flexibility with no additional work for consumers, and
<br>> minimal extra work for ID servers.<br>><br>> Hope that makes more sense this time.<br>><br>> Ben<br>><br>> _______________________________________________<br>> yadis mailing list<br>> <a href="mailto:yadis@lists.danga.com">
yadis@lists.danga.com</a><br>> <a href="http://lists.danga.com/mailman/listinfo/yadis">http://lists.danga.com/mailman/listinfo/yadis</a><br>><br>><br>><br></blockquote></div><br>