OpenID {HMAC-SHA1}{blah1}{blah2} spec
Kevin Turner
kevin at janrain.com
Mon Oct 2 18:00:13 UTC 2006
On Mon, 2006-10-02 at 08:01 -0700, Eric M. Hopper wrote:
> What are the interpretations of the values in {blah1} and {blah2}? This
> way of specifying HMAC-SHA1 keys is not mentioned in the RFC, nor is it
> elucidated in the spec.
If you're referring to the assoc_handle values you see with some
servers, they are opaque identifiers generated by the server for its own
reference when looking things up in its store of secrets. They are not
required to be structured or human-readable at all. The convention
you're seeing here is something done by some of the implementations to
make debugging a little easier.
More information about the general
mailing list