key checks
Brad Fitzpatrick
brad at danga.com
Mon May 23 11:33:15 PDT 2005
On Mon, 23 May 2005, Imran Ghory wrote:
> some random ideas about verifying the keys of the id server:
>
> 1) The consumer should send (via the user) the fingerprint it holds
> for the ID server keys, that way the ID server will know (and be able
> to keep track) if something like DNS poisoning has occurred or if a
> consumer has obtained a dodgy key.
If DNS poisoning occurred, it's the hijacked ID server that'll be getting
the fingerprint, which means it can do whatever it wants, and I bet
telling the consumer that it's been owned isn't high on its list.
> 2) As an extension of the above idea, if the fingerprint it gets is
> for an old key then it should send a reply with the old key but also a
> signed notice saying "I have a new key this is its fingerprint". This
> would give some level of security for when id servers change key.
The keys change so rarely that I'm counting on this logic:
if (check signature with DSA public key from cache) {
    return GOOD;
} else if (check signature with DSA public key, not cached) {
    return GOOD;
} else {
    return BAD;
}
>
> Imran
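The cache-then-refetch check sketched in the reply above, as an added Go example that is not part of the original message or of the project's code. `Check`, `fetch`, `must`, `Demo`, the server name `id.example` and the sample keys are assumptions constructed for illustration; signing and verification use Go's standard `crypto/dsa` package.

```go
package main

import (
	"crypto/dsa"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// Check tries the cached key, then a refetched one; fetch is a hypothetical network key lookup.
func Check(cache map[string]*dsa.PublicKey, fetch func(string) *dsa.PublicKey,
	srv string, digest []byte, r, s *big.Int) string {
	if k := cache[srv]; k != nil && dsa.Verify(k, digest, r, s) {
		return "GOOD"
	}
	if k := fetch(srv); k != nil && dsa.Verify(k, digest, r, s) {
		cache[srv] = k // remember the key that verified
		return "GOOD"
	}
	return "BAD"
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// Demo runs four constructed cases (signing key, key the server publishes); returns verdicts and fetch count.
func Demo() ([]string, int) {
	var keys [2]dsa.PrivateKey // constructed sample keys: [0] original, [1] after rotation
	must(dsa.GenerateParameters(&keys[0].Parameters, rand.Reader, dsa.L1024N160))
	for i := range keys {
		keys[i].Parameters = keys[0].Parameters
		must(dsa.GenerateKey(&keys[i], rand.Reader))
	}
	cache, out, fetches := map[string]*dsa.PublicKey{}, []string{}, 0
	h := sha256.Sum256([]byte("constructed identity assertion"))
	for _, c := range []struct{ signer, live int }{{0, 0}, {0, 0}, {1, 1}, {0, 1}} {
		fetch := func(string) *dsa.PublicKey { fetches++; return &keys[c.live].PublicKey }
		r, s, err := dsa.Sign(rand.Reader, &keys[c.signer], h[:20]) // digest cut to the 160-bit q
		must(err)
		out = append(out, Check(cache, fetch, "id.example", h[:20], r, s))
	}
	return out, fetches
}

func main() { fmt.Println(Demo()) }
```

A cache hit costs no fetch, a rotated key is picked up on the first miss, and a signature made with the retired key is rejected once the server publishes the new one. The second branch accepts whatever key `fetch` returns, so the check is only as trustworthy as the channel that key arrives over.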