<div class="gmail_quote">On Thu, Apr 12, 2012 at 10:18 PM, Russ Ferrill <span dir="ltr"><<a href="mailto:rferrill@vendorsafe.com">rferrill@vendorsafe.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Does the OpenID protocol require signing or does it just support it?</span></p></div></div></blockquote>
<div>It requires it, of course. Without signing OpenID would be completely worthless (worse, in fact).</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Does the DNOA implementation of OpenID implement signing by default?</span></p></div></div></blockquote>
<div>Yes. You can't turn it off. </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> I assume that if the OP is signing the data that it sends to the RP, then the RP must
be configured to use the same hashing algorithm and key as the OP. </span></p></div></div></blockquote><div>That's one option in OpenID. Another is that the OP signs the data and sends it indirectly to the RP (via the browser redirect) then the RP sends the data back (directly) to the OP and the OP verifies its own signature. Both flows are defined in the spec. The option where the RP verifies the signature itself is loosely dubbed "smart mode" or "shared associations" and the forwarding it back to the OP for verification is called "dumb mode" or "private associations". </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Can you tell me where these are set?</span></p>
</div></div></blockquote><div>It's distributed more than you might expect. The code that chooses the hashing algorithm, communicates it with the other party, and handles SSL vs. non-SSL, the fallback mechanisms, etc. is quite complex.</div>
<div>Just a couple of places of interest may be these two files, which calls into the code that generates the key, and places that key in a message that is sent to the RP so that they agree on the key to use. I'm not going to review the entire OpenID protocol around key exchange and how this code works though, so please do your reading of the spec to learn if you're curious.</div>
<div>DotNetOpenAuth.OpenId.Provider\OpenId\Messages\AssociateUnencryptedResponseProvider.cs</div><div>DotNetOpenAuth.OpenId.Provider\OpenId\Messages\AssociateDiffieHellmanProviderResponse.cs</div><div><br></div><div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I’m using the WebRingSsoProvider and Relying Party. Do they use the same configuration parameters for hashing algorithm and key as for Forms Authentication?
If so, then I know how to set those.</span></p></div></div></blockquote><div>You mentioned two specific samples from DNOA. These samples don't override any of the security behavior of DNOA. While DNOA <i>does</i> let the host web site restrict which crypto algorithms are available to use (for example, perhaps you decide you only trust HMAC-SHA256 and not HMAC-SHA1, or you only want shared keys to last 1 day instead of 14). But these samples don't adjust these defaults.</div>
<div>Forms Authentication doesn't require communicating with any remote party, so I assume you mean the signing/encrypting that FormsAuth does on its HTTP cookie. No, it's not necessarily the same. <a href="http://ASP.NET">ASP.NET</a> forms authentication is generally a fixed configuration setting, whereas OpenID can use different crypto algorithms based on who its talking to.</div>
<div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Can you tell me which OP method does the signing and which RP method checks the signature?</span></p>
</div></div></blockquote><div>All of them. That is, every RP will either check the signature or forward the message back to the OP to check the signature.</div><div><br></div><div>Please read the spec. Most of your questions are answered there.</div>
</div>