Yet Another MerryGoRound
Jean-Luc Delatre
jld at club-internet.fr
Tue May 24 06:52:22 PDT 2005
Or at least that's what it feels like when just dropping in...
I am in search of a distributed authentication system, i.e. a way to
disseminate signed documents (*not* encrypted) whose authorship could be
authenticated.
This is a common subproblem to all SSO or distributed ID systems.
Having browsed through the archive I am puzzled by the questions asked,
which are a strange mix of murky implementation details and
"philosophical" considerations.
Do you guys really have a clear understanding of what you are heading for?
From my own view I would rather avoid reinventing the wheel as far as
the *basics* are concerned.
Stick to well-established standards where there are some, like using
HMAC (http://www.faqs.org/rfcs/rfc2104.html) instead of cooking up "yet
another" signature scheme.
But also avoid nearly obsolete ones like SHA1 (see:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html).
This may still be secure enough for a while at the level you are
targeting, but why invest in an ultimately doomed scheme?
I would rather favor Tiger
(http://www.cs.technion.ac.il/~biham/Reports/Tiger/) which is fast, has
a reasonable key length of 192 bits, is as yet unbroken and is supported by
libmhash (http://mhash.sourceforge.net/),
available in all recent PHP implementations for instance.
But these are only minor problems relative to what I see as the *central
issue*:
Only a public key system could match the challenges of a distributed
authentication scheme!
I do agree with Brad
(http://lists.danga.com/pipermail/yadis/2005-May/000228.html)
>Let's all go personal crypto certs from Verisign while we're at it and
>teach everybody PGP.
>
>Sorry, it's a great idea for geeks like us that understand, but the masses
>won't get it.
>
See also "Why Johnny Can't Encrypt"
http://www.usenix.org/publications/library/proceedings/sec99/full_papers/whitten/whitten_html/
But nevertheless no one will cope with the problems without something
similar to the PGP logic.
Mucking around with topics like "multiple identity servers" is utterly
useless; there is no "good answer".
Unfortunately the only path seems to be a *reimplementation* of just the
needed subset of already proven solutions, both on the server side and
the client side, and this in plain Javascript/PHP instead of fancy,
geeky or proprietary languages (BML, Perl, Ruby, ASP, .NET, whatever),
because if you target "the masses" (as I do...)
you need to use what is available to them.
Yeah, I am a bit disappointed...
JLD [Kevembuangga]
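As an added illustration of the two points above (use the RFC 2104 construction as written rather than a home-grown tag, and note why a shared-key MAC cannot by itself settle authorship across parties), here is a small Python example. It is not code from the post or from the yadis project. It builds HMAC step by step from the RFC's definition and checks it against Python's standard `hmac` module; it uses SHA-256 rather than Tiger, because Tiger is not in Python's `hashlib`, and it uses a constructed JSON record layout for the "signed document". Both choices are assumptions of this example.

```python
import hashlib
import hmac
import json

# RFC 2104 "B": the hash function's block size in bytes. SHA-256 uses 64.
# (Assumption: SHA-256 stands in for the Tiger hash the post prefers.)
BLOCK_SIZE = 64


def rfc2104_hmac(key: bytes, text: bytes, hashfunc=hashlib.sha256) -> bytes:
    """HMAC exactly as RFC 2104 section 2 defines it:
       H((K XOR opad) || H((K XOR ipad) || text))."""
    # Keys longer than the block size are hashed first (RFC 2104 section 3).
    if len(key) > BLOCK_SIZE:
        key = hashfunc(key).digest()
    # Shorter keys are zero-padded on the right to exactly B bytes.
    key = key.ljust(BLOCK_SIZE, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashfunc(ipad + text).digest()
    return hashfunc(opad + inner).digest()


def matches_stdlib(key: bytes, text: bytes) -> bool:
    """Cross-check the hand-built HMAC against Python's hmac module."""
    return rfc2104_hmac(key, text) == hmac.new(key, text, hashlib.sha256).digest()


def _canonical(author: str, body: str) -> bytes:
    # Constructed record layout: a fixed field order so signer and verifier
    # hash identical bytes. Any unambiguous encoding would do.
    return json.dumps({"author": author, "body": body},
                      sort_keys=True, separators=(",", ":")).encode()


def sign_document(key: bytes, author: str, body: str) -> dict:
    """Attach an HMAC tag to a plaintext (not encrypted) document."""
    return {"author": author, "body": body,
            "tag": rfc2104_hmac(key, _canonical(author, body)).hex()}


def verify_document(key: bytes, record: dict) -> bool:
    """Recompute the tag and compare in constant time, so a verifier does not
       leak how many leading bytes of a candidate tag were right."""
    expected = rfc2104_hmac(key, _canonical(record["author"], record["body"])).hex()
    return hmac.compare_digest(expected, record["tag"])


if __name__ == "__main__":
    shared = b"constructed-shared-secret"          # constructed sample key
    doc = sign_document(shared, "alice", "Hello, yadis list")
    print("hand-built == stdlib:", matches_stdlib(shared, b"Hi There"))
    print("tag verifies:", verify_document(shared, doc))
    tampered = dict(doc, body="Hello, yadis list (edited)")
    print("tampered verifies:", verify_document(shared, tampered))
    # The limitation the post is driving at: everyone who holds the shared key,
    # the verifier included, can produce a valid tag under any author name, so
    # a verified tag proves key possession, not which party wrote the document.
    print("key holder can tag as anyone:",
          verify_document(shared, sign_document(shared, "not-alice", "x")))
```

The last line is the crux of the post's "central issue": with HMAC every verifier must hold the same secret as the signer, so the tag cannot be shown to a third party as evidence of authorship; that property needs a public-key signature, where only the private-key holder can sign and anyone can verify.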