security

James A. Donald jamesd at echeque.com
Thu Oct 26 09:08:05 UTC 2006


Dan Lyke wrote:
> > Personally, I'm thinking that some sort of private key and a cache so  
> > that an RP can verify that it's retrieving information from the same  
> > IdP it did before is much more likely to actually get deployed.

Pete Rowley wrote:
> Sure - but that doesn't make it a good solution. Introducing persistent 
> key pairs at all requires the group to work on key management. How do 
> you revoke a key? How do you recover from key loss? Domain transfer? 
> Adding keys without answers to those questions makes the "solution" 
> unwise to deploy even if it _is_ deployed.

The RP gets the identifier URL from the user.  It then gets the resource. 
Now suppose the information in that resource has changed from what it 
was last time and the URL is http, not https.

It could simply inform the user that his OpenID server and/or OpenID 
delegation has been changed since the last time he logged in, and ask if 
this is OK - use old OpenID server, or use new one?  If the user changed 
it, he will just click through (use new one). If he did not change it, 
he will at least get a chance to smell a rat.
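
The check described in the message above, as an added example that is not part of the original post: the RP caches the openid.server / openid.delegate links it discovered for an identifier and, when they differ on a later fetch over plain http, holds the old values until the user picks old or new. The function names, the dict cache, the sample pages and the choice to accept changes fetched over https without asking are assumptions of this sketch.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

RELS = ("openid.server", "openid.delegate")  # OpenID 1.x discovery link relations

class _Links(HTMLParser):
    """Collect the OpenID <link> elements from an identifier page."""
    def __init__(self):
        super().__init__()
        self.found = {}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag != "link" or not a.get("href"):
            return
        for rel in (a.get("rel") or "").lower().split():
            if rel in RELS:
                self.found.setdefault(rel, a["href"])  # first occurrence wins

def discover(html):
    parser = _Links()
    parser.feed(html)
    return parser.found

def check(cache, identifier, html):
    """Compare this fetch with the cached one; returns (decision, old, new)."""
    new, old = discover(html), cache.get(identifier)
    if old is None:
        cache[identifier] = new           # first login: nothing to compare with
        return "first-use", None, new
    if old == new:
        return "unchanged", old, new
    if urlsplit(identifier).scheme == "https":
        cache[identifier] = new           # assumption: TLS authenticated the fetch
        return "accept", old, new
    return "ask-user", old, new           # plain http: cache untouched until the user answers

def resolve(cache, identifier, new, use_new):
    """Apply the user's answer to 'use old server, or use new one?'."""
    if use_new:
        cache[identifier] = new
    return cache[identifier]

# Constructed sample pages (not from the original post).
PAGE_OLD = ('<head><link rel="openid.server" href="https://idp.example.com/auth">'
            '<link rel="openid.delegate" href="https://idp.example.com/alice"></head>')
PAGE_NEW = PAGE_OLD.replace("idp.example.com/auth", "idp.example.net/auth")

if __name__ == "__main__":
    cache = {}
    for page in (PAGE_OLD, PAGE_OLD, PAGE_NEW):
        print(check(cache, "http://alice.example.org/", page)[0])
```

The cache only protects logins after the first one; a page that was already altered on first use is cached as-is.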




