[OpenID] On the portability of identifiers

Ben Laurie benl at google.com
Mon Nov 3 15:28:23 UTC 2008


On Sat, Nov 1, 2008 at 1:56 AM, Dick Hardt <dick.hardt at gmail.com> wrote:
>
> On 31-Oct-08, at 6:17 AM, Ben Laurie wrote:
>
>> On Fri, Oct 31, 2008 at 4:17 AM, Dick Hardt <dick.hardt at gmail.com> wrote:
>>>
>>> I gave a presentation on this problem and a possible solution at the last
>>> IIW. (I should write up a blog post or something about it.)
>>> I described the problem as a loss of control of the identifier. XRIs have a
>>> layer of indirection on the identifier, but there is still just the one
>>> identifier, and if someone else has control of it, then they control your
>>> online persona that you have established with it. Certs have a different,
>>> but effectively similar problem you describe. If you lose the private key,
>>> you have lost control of the identifier.
>>> One way of solving this is to have more than one identifier -- essentially
>>> an identifier set -- so that if you lose control of one identifier, you have
>>> not lost control of the identifier set. If the set has three identifiers,
>>> then you only need to present two of them to show it is you, and then you
>>> can substitute a new identifier so that you again have a redundant set.
>>> An implementation of this would be to have two URLs and one public/private
>>> key pair. The URLs each contain a document that references the other URLs as
>>> well as contains the public key. Messages are signed by the private key and
>>> include a signature of the public key as well as the two URLs. Message
>>> verification is done by fetching the documents at each URL and verifying the
>>> signature.
>>> In a world of opaque identifiers and smart clients, this all can be
>>> transparent to the user. They just say they want to log in with a particular
>>> identifier set.
>>> If anyone is interested in discussing this further, please let me know.
>>
>> I'm certainly interested in the problem, but I'm not sure this
>> solution makes sense to me - certainly the concept of k of n
>> identifiers being sufficient is a good one, but I'm not getting the
>> details of this plan: what is the value of the signatures on the
>> documents at the URLs?
>
> Don't see where you see the signatures of the documents. The message is
> signed, not the documents.
> The documents contain the public key corresponding to the private key used
> to sign the message.
>
> The identifiers are the two URLs and the key pair.

Oh, I see.

> I can write this up so that it is easier to understand if you are
> interested, Ben.

Sure, coz what you have written so far sounds broken.
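
An added illustration, not part of the thread and not either participant's design: one way a relying party could check the quoted "two URLs plus one key pair" identifier set with a two-of-three rule. It rests on assumptions the thread does not state: the relying party stored the set at enrollment, the message carries the presented public key, Ed25519 is the signature scheme, and an in-memory map stands in for fetching the URL documents; the names Doc, Set, Msg and Verify and the example URLs are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Doc is the document at one URL: the public key plus a link to the other URL.
type Doc struct {
	Key   ed25519.PublicKey
	Other string
}

// Set is the identifier set the relying party stored at enrollment (assumed).
type Set struct {
	URL1, URL2 string
	Key        ed25519.PublicKey
}

// Msg is a login message signed by, and carrying, the presented key.
type Msg struct {
	Body, Sig []byte
	Key       ed25519.PublicKey
}

// Verify accepts when at least two of the three stored identifiers back m.Key.
func Verify(s Set, m Msg, web map[string]Doc) (int, bool) {
	if len(m.Key) != ed25519.PublicKeySize || !ed25519.Verify(m.Key, m.Body, m.Sig) {
		return 0, false // the signature must always check out
	}
	votes := 0
	if bytes.Equal(m.Key, s.Key) {
		votes++
	}
	for _, p := range [][2]string{{s.URL1, s.URL2}, {s.URL2, s.URL1}} {
		if d, ok := web[p[0]]; ok && bytes.Equal(d.Key, m.Key) && d.Other == p[1] {
			votes++
		}
	}
	return votes, votes >= 2
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	s := Set{"https://a.example/id", "https://b.example/id", pub} // constructed
	web := map[string]Doc{s.URL1: {pub, s.URL2}, s.URL2: {pub, s.URL1}} // stands in for fetches
	body := []byte("login nonce=constructed")
	fmt.Println(Verify(s, Msg{body, ed25519.Sign(priv, body), pub}, web)) // 3 true
}
```

Counting votes against the stored set is what keeps a single taken-over URL from being enough: a key that only one stored identifier vouches for is rejected, while a replacement key published at both URLs is accepted.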


