security
Pete Rowley
prowley at redhat.com
Wed Oct 25 21:44:57 UTC 2006
Dan Lyke wrote:
> On Wed, 25 Oct 2006 13:35:10 -0700, Pete Rowley wrote:
>
>> Sure - but that doesn't make it a good solution. Introducing
>> persistent key pairs at all requires the group to work on key
>> management.
>>
>
> I just read through the OpenID 2.0 specification, and it looks like
> the "association" addresses exactly this.
>
That appears to deal with key generation and usage. Perhaps I am missing
it - where is the section on revocation? My understanding is the
association is temporary for a session - I believe you were talking
about persistent key pairs?
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20061025/868eb101/attachment-0002.bin>
More information about the general
mailing list