[OpenID] D-H vs SSL
George Fletcher
gffletch at aol.com
Thu Mar 19 12:24:03 UTC 2009
In the case of OpenID, isn't the use of DH or SSL just a mechanism to
"securely" exchange a shared secret that will be used to sign the AuthN
Response?
From this perspective I look at them as being redundant.
The only slight difference is that with DH the secret is never in the
clear anywhere along the path while with SSL, it might be in the clear
within an organization if the org is using things like netscalers to
terminate the SSL connection. I don't see this as having a big impact
on security... though it is a difference.
Thanks,
George
Hans Granqvist wrote:
>> ... DH over SSL is not something we can
>> completely remove in the next revision despite it being redundant.
>>
>
> But it's not redundant, is it?
>
> TLS is transport layer security and the negotiated secrets (e.g., D-H keys) are
> only to be used *inside* the transport layer.
>
> The OpenID Diffie-Hellman key agreement is exactly the opposite: a secret
> to be used *outside* the transport layer.
>
> To make these secrets visible or to introduce dependencies across layer
> boundaries quickly complicates protocol security risk assessment analysis.
>
>
> Hans
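To make concrete what the thread is arguing about, here is an added worked example (not code from this list, from the OpenID spec, or from any OpenID library) of the OpenID 2.0 DH-SHA256 association followed by the HMAC signing of a positive assertion. It shows the three things George describes: the DH exchange only serves to deliver a MAC key from OP to RP, the only values that cross the wire are the two public DH values and the masked key (so an SSL-terminating box in the path sees no usable secret), and the resulting key is what signs and verifies the authentication response. The DH group below (p = 2**521 - 1, g = 3) is a constructed demonstration group, not the 1536-bit default modulus the spec defines; the field ordering in the signed list is also a simplification chosen for the example.

```python
import base64
import hashlib
import hmac
import os
import secrets

# Constructed demonstration group: p = 2**521 - 1 (a Mersenne prime) with g = 3.
# OpenID 2.0's default association group is a 1536-bit modulus with g = 2; this
# smaller group is used only to keep the example self-contained and fast.
DEMO_P = 2**521 - 1
DEMO_G = 3


def btwoc(n):
    """Big-endian two's-complement encoding of a non-negative integer."""
    raw = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    return b"\x00" + raw if raw[0] & 0x80 else raw


def unbtwoc(data):
    return int.from_bytes(data, "big")


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rp_begin_association(p=DEMO_P, g=DEMO_G):
    """RP picks a private exponent x and sends dh_consumer_public = g^x mod p."""
    x = secrets.randbelow(p - 2) + 1
    return x, btwoc(pow(g, x, p))


def op_respond_association(dh_consumer_public, p=DEMO_P, g=DEMO_G):
    """OP picks y, generates a fresh MAC key and masks it with SHA-256(btwoc(g^xy))."""
    y = secrets.randbelow(p - 2) + 1
    shared = pow(unbtwoc(dh_consumer_public), y, p)
    mac_key = os.urandom(32)                        # association key for HMAC-SHA256
    mask = hashlib.sha256(btwoc(shared)).digest()
    enc_mac_key = xor_bytes(mac_key, mask)          # the only form of the key on the wire
    return mac_key, btwoc(pow(g, y, p)), enc_mac_key


def rp_finish_association(x, dh_server_public, enc_mac_key, p=DEMO_P):
    """RP recovers the MAC key: enc_mac_key XOR SHA-256(btwoc(server_public^x))."""
    shared = pow(unbtwoc(dh_server_public), x, p)
    return xor_bytes(enc_mac_key, hashlib.sha256(btwoc(shared)).digest())


def kv_form(fields, signed):
    """Key-value form over the signed fields, in the order given by the signed list."""
    return "".join(f"{k}:{fields[k]}\n" for k in signed).encode("utf-8")


def op_sign_response(mac_key, fields):
    """OP signs the assertion; returns a copy carrying the signed list and the sig."""
    signed = sorted(fields)     # deterministic field order chosen for this example
    sig = hmac.new(mac_key, kv_form(fields, signed), hashlib.sha256).digest()
    out = dict(fields)
    out["signed"] = ",".join(signed)
    out["sig"] = base64.b64encode(sig).decode("ascii")
    return out


def rp_verify_response(mac_key, response):
    """RP recomputes the HMAC with its copy of the association key."""
    signed = response["signed"].split(",")
    if any(k not in response for k in signed):
        return False
    fields = {k: response[k] for k in signed}
    expected = hmac.new(mac_key, kv_form(fields, signed), hashlib.sha256).digest()
    return hmac.compare_digest(expected, base64.b64decode(response["sig"]))


def run_association():
    """Full DH association; returns both sides' keys and what an on-path box would see."""
    x, consumer_pub = rp_begin_association()
    op_key, server_pub, enc_mac_key = op_respond_association(consumer_pub)
    rp_key = rp_finish_association(x, server_pub, enc_mac_key)
    observed = {"dh_consumer_public": consumer_pub,
                "dh_server_public": server_pub,
                "enc_mac_key": enc_mac_key}
    return op_key, rp_key, observed
```

Running run_association() and then op_sign_response()/rp_verify_response() with the two keys shows that the OP and RP end up with the same 32-byte key, that the observed messages contain only public values plus the XOR-masked key, and that any change to a signed field, or any shortening of the signed list, makes verification fail.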