Server losing secrets?
Carl Howells
chowells at janrain.com
Fri Jun 24 14:39:14 PDT 2005
Brad Fitzpatrick wrote:
> Good find! Here's my vote:
>
> -- if server doesn't remember that handle, you reply like you would in
> dumb mode, where you simply pick your own handle. consumer will
> then have to verify using dumb mode
>
> -- server also includes in the id_res response the key:
>
> openid.invalidate_handle=[unrecognized_one]
>
> the consumer will actually invalidate that one once it verifies the
> other handle's signature matches (with check_authentication mode) to
> stop a third party from killing a consumer's cache just by sending
> fake id_res responses
>
>
> Cool?
I think that would work fine. Just remember that 'invalidate_handle'
would need to be in the openid.signed list in that case, too. (And be
part of the signature, obviously.)
Carl
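The scheme the two messages describe, worked through as an added example (this is illustrative code written for this page, not code from any OpenID library or from the thread's participants). The Server and Consumer classes, the in-process call that stands in for the consumer's check_authentication POST, and the association cache layout are all constructed assumptions; the HMAC-SHA1 signature over a "key:value\n" block follows the OpenID 1.x signing convention. The example shows the three paths that matter: a remembered handle verified locally, a forgotten handle that falls back to dumb mode and only then evicts the stale handle, and a forged id_res whose invalidate_handle is ignored because its signature never verifies.

```python
"""Consumer handling of openid.invalidate_handle (added example, not library code)."""
import base64
import hashlib
import hmac
import os


def sign(secret: bytes, fields: dict, signed: list) -> str:
    """OpenID 1.x signature: base64(HMAC-SHA1(secret, 'k:v\\n' for each signed key))."""
    token = "".join(f"{k}:{fields['openid.' + k]}\n" for k in signed)
    return base64.b64encode(hmac.new(secret, token.encode(), hashlib.sha1).digest()).decode()


class Server:
    """Constructed identity server: smart-mode handles it remembers, plus
    private dumb-mode handles it mints when it has forgotten one."""

    def __init__(self):
        self.assocs = {}   # handle -> secret shared with a consumer (smart mode)
        self.private = {}  # handle -> secret known only to the server (dumb mode)

    def associate(self):
        handle, secret = "assoc-" + os.urandom(4).hex(), os.urandom(20)
        self.assocs[handle] = secret
        return handle, secret

    def id_res(self, identity: str, requested_handle: str) -> dict:
        fields = {"openid.mode": "id_res", "openid.identity": identity}
        signed = ["mode", "identity", "assoc_handle"]
        if requested_handle in self.assocs:
            handle, secret = requested_handle, self.assocs[requested_handle]
        else:
            # Handle not remembered: answer as in dumb mode with a private handle
            # and name the stale one; invalidate_handle is itself signed (Carl's point).
            handle, secret = "priv-" + os.urandom(4).hex(), os.urandom(20)
            self.private[handle] = secret
            fields["openid.invalidate_handle"] = requested_handle
            signed.append("invalidate_handle")
        fields["openid.assoc_handle"] = handle
        fields["openid.signed"] = ",".join(signed)
        fields["openid.sig"] = sign(secret, fields, signed)
        return fields

    def check_authentication(self, fields: dict) -> bool:
        """Dumb-mode check: stands in for the consumer's check_authentication POST."""
        secret = self.private.get(fields.get("openid.assoc_handle"))
        if secret is None:
            return False
        signed = fields["openid.signed"].split(",")
        expected = sign(secret, fields, signed).encode()
        return hmac.compare_digest(expected, fields.get("openid.sig", "").encode())


class Consumer:
    """Constructed consumer with an association cache (handle -> secret)."""

    def __init__(self, server: Server):
        self.server = server
        self.cache = {}

    def associate(self) -> str:
        handle, secret = self.server.associate()
        self.cache[handle] = secret
        return handle

    def verify(self, fields: dict) -> bool:
        signed = fields.get("openid.signed", "").split(",")
        # Refuse messages that omit a signed key or leave the handle/identity unsigned.
        if any("openid." + k not in fields for k in signed):
            return False
        if "assoc_handle" not in signed or "identity" not in signed:
            return False
        handle = fields["openid.assoc_handle"]
        secret = self.cache.get(handle)
        if secret is not None:
            # Smart mode: we still hold the secret, verify locally.
            expected = sign(secret, fields, signed).encode()
            ok = hmac.compare_digest(expected, fields.get("openid.sig", "").encode())
        else:
            # Unknown handle: fall back to dumb mode and ask the server.
            ok = self.server.check_authentication(fields)
        # Only a response whose signature verified may evict a cached association,
        # and only when invalidate_handle was part of what the server signed.
        stale = fields.get("openid.invalidate_handle")
        if ok and stale and "invalidate_handle" in signed:
            self.cache.pop(stale, None)
        return ok
```

A forged id_res from a third party can name any handle in openid.invalidate_handle, but without a secret the server recognises it fails check_authentication, so the consumer's cache is untouched; a genuine server that has lost the handle still gets the consumer to drop it, after the dumb-mode round trip confirms the message is real.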