[OpenID] My 2 Cents to the OpenID foundation

santrajan santrajan at gmail.com
Thu Apr 2 19:16:04 UTC 2009

But I think there is more to it than just that. Because i was not able to
verify their SHA512 signature though their response mentions clearly it is

Martin Atkins-2 wrote:
> santrajan wrote:
>> myspace signatures are SHA512 not in Openid specs. The dont support SHA1
>> and
>> SHA256.
> Ahh. This explains the interop problems with various sites I tried.
> I guess they're getting this support from DotNetOpenId, which supports 
> additional signature schemes HMAC-SHA384, HMAC-SHA512, DH-SHA384 and 
> DH-SHA512.
> It'd be good if MySpace could at least also enable SHA256 for interop 
> with compliant OpenID 2.0 implementations. (Though I'm aware of at least 
> a few implementations that currently only support SHA-1, but that's 
> certainly a problem since SHA-1 has been broken.)
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

View this message in context: http://www.nabble.com/My-2-Cents-to-the-OpenID-foundation-tp22841100p22855128.html
Sent from the OpenID - General mailing list archive at Nabble.com.

More information about the general mailing list