private association fro unsolicited positive assertions
Breno de Medeiros
breno at google.com
Fri Mar 26 09:02:41 UTC 2010
On Fri, Mar 26, 2010 at 08:04, nara hideki <hdknr at ic-tact.co.jp> wrote:
> Hi experts,
>
> I'm afraid that this question has been discussed ,but I can't found that.
>
> "10. Responding to Authentication Requests" of Auth 2.0 Final says:
>
> OPs SHOULD use private associations for signing unsolicited
> positive assertions.
It could lead to less interoperability -- if the RP has revoked the
key (e.g., because it suspects that the key has been compromised),
then the RP would reject the assertion as an error (recognizing the
revoked handle).
A similar situation appears if the OP has a policy on key refresh rate
that is longer than the RP's. That would cause the RP to revoke the
key when the OP still believes it as valid.
I think the current reading of the spec promotes interoperability with
flexibility in key management, and that's good for security.
>
> I'd like to know the reason why "SHOULD is used rather than "MAY".
> Is there any security threat if we don't use private associations
>
> Thanks in advance.
>
> -----
> hdknr.com
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs
>
--
--Breno
+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)
More information about the specs
mailing list