[OpenID] cryptographics web of trust

Peter Williams pwilliams at rapattoni.com
Sat Aug 11 17:30:46 UTC 2007 

Using the primitives from http://usefulinc.com/foaf/iMadeThis, you can easily go one step further. This will in fact help OpenID -- which necessarily internally relies on SSL, having such a poor security protocol design, itself. What is that step?

Well, first, what is it not?

Henry decided that multiple references to his static RSA-public via FOAF relations will ultimately protect the distribution of the key. that is: checking multiple local resolvers, one can build confidence in a global name/key. This is similar to Ed Gerck's theory of spread-spectrum reliance - for which he provides a basis in classical information theory, information redundancy  - a process that defines a computable confidence metric for a reliable emailAddresses (see nma.com, and its secure web mail scheme).

second, we can note that the IMadeThis primitive allows one to sign an arbitrary RDF file, hanging off one's FOAF file. Relying on the FOAF statements allows the same relying party to rely on arbitrary RDF-based statements, that #i have posted around the web, the same file in possibly, multiple locations.

Third, one of those statements can be my public key file itself, of course. The public key file can thus be self-signed. Surely, we can define a trivial objectclass in OWL that enables FOAF class to represent the public key and exponent/generator parms values directly, rather than pointing to an asc file in some arcane PGP file format? I know Rivest did this - in some other definitional vocab - in the SPKI RFC.

Fourth, SSL just loves self-signed public keys, as does SSL implementing (1) http1.1SSL tunnels and (2) https semantics. The actual SSL infrastructure for https of course works wonderfully and ubiquitously with self-signed RSA public keys (self-signed certs, today).

Fifth, actual SSL libraries intentionally made/make a seperation between the SSL protocol handlers -- and the non-SSL PKI libraries using 80-era formats for TTP-signed or self-signed public key certificates. It should not be hard to replace the PKI library hooks with an equivalent, signed-RTF hook. Ben Laurie could do it in a day, to achieve 80% quality.

If OpenID Auth is going to rely on SSL (a) to protect its DH backchannel and (b) when protecting the IDP/OP discovery, we need to make a profile of SSL that use this kind of signed-RDF key distribution practice - rather than force OpenID (a decentralized UCI scheme) to adapt to inconsistent, TTP-based _certified_ key distribution practice that come with https, by default.

More information about the general mailing list