[OpenID] My 2 Cents to the OpenID foundation

John Bradley john.bradley at wingaa.com
Mon Apr 6 23:14:16 UTC 2009


Hi Allen,

You are correct that SHA256, DH, or for that matter associations, are  
not required.

In 6.2 neither of the Signature Algorithms is required. It would have  
been clearer if SHA1 was a MUST and SHA256 RECOMMENDED. However, we  
have no MUST and only SHA256 is RECOMMENDED.

It is under-specified for RPs leaving a potential interoperability hole.

Given that MySpace may only be supporting SHA256 and not SHA1 in their  
OP, it pushes the burden onto the RP code to support both.

Given that in general OPs have more resources, it would be a nicer  
world if OPs supported both of the options.

I grant you my nicer world argument is one of the weaker ones I have  
used.

I expect that as soon as there is a significant RP that is not doing  
SHA1 and is falling back to dumb mode for each authentication, OPs will  
have more incentive to implement SHA256.

SHA1 has a known weakness, but it is hard to exploit in the OpenID  
flow, so the best I have for you is the being-a-nice-OP argument.

Regards
John Bradley

On 6-Apr-09, at 3:40 PM, Allen Tom wrote:

> John Bradley wrote:
>>
>> Yahoo and I have an ongoing disagreement over the requirement for  
>> OpenID 2.0 OPs to support HMAC-SHA256; they believe that HMAC-SHA1  
>> is sufficient. I think that if an RP asks for a SHA256 association  
>> they should support it. (Allen, feel free to defend yourself :)
> Hi John,
>
> I don't think any RP has asked us to support HMAC-SHA256, so we  
> haven't gotten around to implementing it yet. As far as I can tell,  
> Section 6.2 of the OpenID 2.0 spec does not require OPs to support  
> HMAC-SHA256.
>
> Thanks
> Allen
>
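The negotiation John describes, with an RP asking for an HMAC-SHA256 association, the OP refusing, and the RP either retrying with the OP's suggestion or falling back to dumb mode, as an added Python sketch that is not part of this thread. The OP class is a constructed stand-in (not Yahoo's or MySpace's code), uses only the no-encryption session type, and the field names follow OpenID 2.0 sections 4.1.1, 6.1 and 8.2.4.

```python
import base64, hashlib, hmac, secrets

OPENID_NS = "http://specs.openid.net/auth/2.0"
# Hash behind each association type (OpenID 2.0 section 8.3); an OP may implement only one.
ASSOC_HASH = {"HMAC-SHA1": hashlib.sha1, "HMAC-SHA256": hashlib.sha256}

def kv_encode(fields):
    """Key-Value form encoding used for direct responses and for signing (section 4.1.1)."""
    return "".join(f"{k}:{v}\n" for k, v in fields.items())

def sign(assoc_type, mac_key, fields):
    """HMAC over the Key-Value form of the signed fields, base64 encoded (section 6.1)."""
    mac = hmac.new(mac_key, kv_encode(fields).encode(), ASSOC_HASH[assoc_type])
    return base64.b64encode(mac.digest()).decode()

class OP:
    """Constructed stand-in for an OP that implements only the given association types."""
    def __init__(self, assoc_types):
        self.assoc_types = list(assoc_types)

    def associate(self, req):
        assoc_type = req["openid.assoc_type"]
        if assoc_type not in self.assoc_types:
            # Section 8.2.4: refuse and advertise a type the OP does support.
            return {"ns": OPENID_NS, "error": "unsupported association type",
                    "error_code": "unsupported-type",
                    "assoc_type": self.assoc_types[0], "session_type": "no-encryption"}
        # no-encryption session: the MAC key travels in the clear (TLS is assumed).
        mac_key = secrets.token_bytes(ASSOC_HASH[assoc_type]().digest_size)
        return {"ns": OPENID_NS, "assoc_handle": secrets.token_hex(8), "assoc_type": assoc_type,
                "session_type": "no-encryption", "expires_in": "3600",
                "mac_key": base64.b64encode(mac_key).decode()}

def negotiate(op, accepted=("HMAC-SHA256", "HMAC-SHA1")):
    """RP side: ask for the preferred type, retry once with the OP's suggestion if the RP
    accepts it, otherwise fall back to stateless ('dumb') mode (section 8.2.4)."""
    wanted = accepted[0]
    for _ in range(2):
        resp = op.associate({"openid.ns": OPENID_NS, "openid.mode": "associate",
                             "openid.assoc_type": wanted, "openid.session_type": "no-encryption"})
        if resp.get("error_code") != "unsupported-type":
            return "smart", resp["assoc_type"], base64.b64decode(resp["mac_key"])
        suggested = resp.get("assoc_type")
        if suggested == wanted or suggested not in accepted:
            break
        wanted = suggested
    # No common type: each assertion must be verified with a check_authentication request.
    return "dumb", None, None
```

An RP that accepts only HMAC-SHA256 against a SHA1-only OP ends up in dumb mode, which is the per-authentication round trip John expects to push OPs toward SHA256.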
