[OpenID] Higher SHA values
Andrew Arnott
andrewarnott at gmail.com
Wed Aug 13 23:41:56 UTC 2008
I'm introducing support for HMAC-SHA384, HMAC-SHA512, DH-SHA384 and
DH-SHA512 to DotNetOpenId, consistent with the naming scheme defined in
OpenID 2.0. I think somewhere in the spec it suggests that independent
implementations can create new ones of these, so I think this is in
conformance with that spirit. Anyway it still supports backward
compatibility to the lesser hashes, and in fact the RP may end up defaulting
to asking for 256 bit hashes for now anyway since that is still considered a
secure hash and it's more likely to succeed at associating with an OP than
384 or 512 is at the moment. :)
Speaking of secure hashes, SHA1 isn't one. It's been broken. Why is
yahoo.com still only supporting SHA1?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080813/265bb781/attachment-0002.htm>
More information about the general
mailing list