paul at ciphergoth.org
Sun Jun 5 16:48:01 PDT 2005
Brad Fitzpatrick wrote:
> I'd have to spend some time reading before I'd understand it. I'll hope
> you side towards the simplest thing necessary for our requirements and
> then maybe I won't have to do any more reading. :-) Let me know if I do,
It's pretty simple. Just choose x and y to be less than q, rather than
less than p, and everything else stays the same.
We could do without but it's warm fuzzies for the cryptographer at
little cost here...
> So maybe change:
> # openid.auth_type = 'hmac-sha1'
> # openid.auth_type = 'hmac'
> # openid.hash_pref = 'sha256,tiger,sha1'
openid.auth_pref = 'hmac-sha1,hmac-tiger,ecdsa-sha256'
in the call to get_authkey. But I think this is making things too
complex. Consumers should just call get_authkey for their favourite
auth type, and try again with their next favourite if it's not supported.
I've updated the spec to include these latest changes, and added dumb
How will you move to the new protocol? Should the code that implements
the new protocol attempt to be backward compatible with existing
servers/consumers? It's certainly possible to write backwards
compatible code, but I'd be inclined to set a cutoff date after which LJ
won't support the old protocol and support will be removed from the CPAN
modules, to make sure people don't assume it will be around forever.
\/ o\ Paul Crowley, paul at ciphergoth.org
More information about the yadis