[OpenID] signing alg and high order bits
Peter Williams
pwilliams at rapattoni.com
Mon Jul 13 05:48:24 UTC 2009
Folks should consult a professional cryptographer .... but
note that in the original scheme for signed XRDs, using SAML tokens, there are random high-order bits early on in the serialization of the to-be-signed material (the xml:id field).
in the google spec, the query string is quite predicable, as are the type' tag's attributes
if the XRI authority is using cids for query, and the cid are as in the openxri server from a predictable sequence generator (0,1,2...!) then resolution of canonical-id queries doesn't help.
Eastlake and Solo were both very experienced security/cryptography experts, who lived through the vulnerabilities of early phase X.509 (1988-1990) using RSA. I assume that the control parameters of the xmldsig signing mechanism (the algorithm specifiers and the URI refs) are part of the hashed mateiral. If not, these need to go in the to-be-signed material.
More information about the general
mailing list