[OpenID] My 2 Cents to the OpenID foundation

John Bradley john.bradley at wingaa.com
Fri Apr 3 03:09:26 UTC 2009


Myspace supports HMAC-SHA256 and DH-SHA256 for openID 2.0 in my testing.

If they have a openID 2.0 interop issue please let me know and I will  
attempt to capture it in an OSIS interop test.   However I am not  
seeing a problem with there associations, or anything else on a quick  

John Bradley

Prepared outgoing AssociateDiffieHellmanRequest (2.0) message for http://api.myspace.com/openid 
	openid.dh_gen: Ag==
	openid.dh_consumer_public: TNFXwmU9QTifKkmklQzq/ubOjdCjL5sHvm0SBy 
	openid.assoc_type: HMAC-SHA256
	openid.session_type: DH-SHA256
	openid.mode: associate
	openid.ns: http://specs.openid.net/auth/2.0

Processing incoming AssociateDiffieHellmanResponse (2.0) message:
	dh_server_public: AKFvVHZ4LpjD+EkqDiJps36/ 
	enc_mac_key: hSkCJoXCmmQnnUTe0T2yGGerEmv/LbJ54dEymarLj4A=
	assoc_handle: {{HMAC-SHA256}{1238725530.30107}{XCfj0g==}
	assoc_type: HMAC-SHA256
	session_type: DH-SHA256
	expires_in: 1209599
	ns: http://specs.openid.net/auth/2.0

On 2-Apr-09, at 4:23 PM, general-request at openid.net wrote:

> Date: Thu, 02 Apr 2009 12:08:56 -0700
> From: Martin Atkins <mart at degeneration.co.uk>
> Subject: Re: [OpenID] My 2 Cents to the OpenID foundation
> To: general at openid.net
> Message-ID: <49D50D48.8030709 at degeneration.co.uk>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> santrajan wrote:
>> myspace signatures are SHA512 not in Openid specs. The dont support  
>> SHA1 and
>> SHA256.
> Ahh. This explains the interop problems with various sites I tried.
> I guess they're getting this support from DotNetOpenId, which supports
> additional signature schemes HMAC-SHA384, HMAC-SHA512, DH-SHA384 and
> DH-SHA512.
> It'd be good if MySpace could at least also enable SHA256 for interop
> with compliant OpenID 2.0 implementations. (Though I'm aware of at  
> least
> a few implementations that currently only support SHA-1, but that's
> certainly a problem since SHA-1 has been broken.)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2486 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090402/78d947fb/attachment-0002.bin>

More information about the general mailing list