[OpenID] D-H vs SSL
Martin Atkins
mart at degeneration.co.uk
Thu Mar 19 00:28:10 UTC 2009
Johannes Ernst wrote:
>> Yahoo and others argue that since they only support associations over
>> SSL the DH encryption is redundant.
>
> It may be in some scenarios, it is not in others.
>
> For example, in a corporate behind-the-firewall deployment it may be
> unreasonably complicated to set up SSL for a departmental server.
>
> I would hate it if we had to tell those guys that they then have to send
> around their secrets in clear text.
>
I think the proposal here is that:
* If the OP endpoint is using SSL, the RP MUST use the cleartext session
method and no other.
* If the OP endpoint is *not* using SSL, the RP MUST NOT use the
cleartext session method.
This seems reasonable enough to me assuming a world with no existing
implementations. However, I'm hesitant to support it without some
research to show that existing RPs in the wild aren't doing DH over SSL,
since such RPs would of course be broken by such a change.
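To make the two rules concrete, here is an added Python example (written for this reply, not code from the thread or from any OpenID library): choose_session_type applies the proposed SSL/no-SSL rule to an OP endpoint URL, and dh_association_roundtrip simulates both sides of a DH-SHA1/DH-SHA256 association offline so you can see that the MAC key is only ever sent XORed with the shared-secret digest. The modulus is transcribed from OpenID Authentication 2.0 Appendix B and should be checked against the spec before being relied on.

```python
import hashlib
import secrets
from urllib.parse import urlparse
# Default Diffie-Hellman modulus and generator from OpenID Authentication 2.0,
# Appendix B (transcribed from the spec; check it against the spec text before use).
DEFAULT_DH_MODULUS = int(
    "DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61E"
    "F75A2E27898B057F9891C2E27A639C3F29B60814581CD3B2CA3986D268370557"
    "7D45C2E7E52DC81C7A171876E5CEA74B1448BFDFAF18828EFD2519F14E45E382"
    "6634AF1949E5B535CC829A483B8A76223E5D490A257F05BDFF16F2FB22C583AB", 16)
DEFAULT_DH_GEN = 2

def choose_session_type(op_endpoint: str, assoc_type: str = "HMAC-SHA256") -> str:
    """Apply the proposed rule: cleartext session only over SSL, DH only without it."""
    scheme = urlparse(op_endpoint).scheme.lower()
    if scheme == "https":
        return "no-encryption"
    if scheme == "http":
        return "DH-SHA256" if assoc_type == "HMAC-SHA256" else "DH-SHA1"
    raise ValueError(f"unsupported OP endpoint scheme: {scheme!r}")

def btwoc(n: int) -> bytes:
    """Big-endian two's complement of a non-negative integer, as OpenID encodes DH values."""
    raw = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    return raw if raw[0] < 0x80 else b"\x00" + raw

def shared_key_digest(peer_public: int, private: int, hash_name: str) -> bytes:
    """H(btwoc(g^xy mod p)): the value XORed with the MAC key in a DH session."""
    return hashlib.new(hash_name, btwoc(pow(peer_public, private, DEFAULT_DH_MODULUS))).digest()

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def dh_association_roundtrip(hash_name: str = "sha256") -> bool:
    """Constructed offline simulation of both sides of a DH-SHA1/DH-SHA256 association;
    returns True if the RP recovers the OP's MAC key from enc_mac_key."""
    p, g = DEFAULT_DH_MODULUS, DEFAULT_DH_GEN
    # RP side: secret exponent x and dh_consumer_public = g^x mod p
    x = secrets.randbelow(p - 2) + 1
    consumer_public = pow(g, x, p)
    # OP side: secret exponent y, dh_server_public, a fresh mac_key, and enc_mac_key
    y = secrets.randbelow(p - 2) + 1
    server_public = pow(g, y, p)
    mac_key = secrets.token_bytes(hashlib.new(hash_name).digest_size)
    enc_mac_key = xor_bytes(shared_key_digest(consumer_public, y, hash_name), mac_key)
    # RP side: unwrap enc_mac_key using its own secret exponent
    recovered = xor_bytes(shared_key_digest(server_public, x, hash_name), enc_mac_key)
    return recovered == mac_key
```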