Improving OpenIDs use of cryptography 1 - using a MAC
Jean-Luc Delatre
jld at club-internet.fr
Fri Jun 3 07:27:30 PDT 2005
About the general idea of "improving" the protocol.
Why not turn it the other way around?
Among known protocol proposals which have already been published and
reviewed like in:
http://sky.fit.qut.edu.au/~choo/lounge.html
Or even among very recent ones:
http://www.di.ens.fr/%7Epointche/pub.php
Pick one which is "close enough" to the already existing OpenID, not
overly complicated and not requiring too heavy computations
(it is mostly the prime numbers generation which "kills" and has to be
delegated or pre-computed)
and *stick to the script*!!!
I don't really trust "homebrew authentication" .
And, to repeat myself, a seemingly obscure algorithm is not a problem if
it fits in few lines of code and is not too heavy on number crunching
(all good ones are, but there are degrees in the pain...)
So, could Paul or Imran or whoever else has the required skills have a
glance at this path?
Cheers,
JLD
More information about the yadis
mailing list