[OpenID] D-H vs SSL

Ben Laurie benl at google.com
Thu Mar 19 12:45:10 UTC 2009


On Thu, Mar 19, 2009 at 1:08 AM, Allen Tom <atom at yahoo-inc.com> wrote:
> Martin Atkins wrote:
>>
>>  However, I'm hesitant to support it without some research to show that
>> existing RPs in the wild aren't doing DH over SSL, since such RPs would of
>> course be broken by such a change.
>>
> Last time I checked, most RPs were doing DH over SSL to the Yahoo OP.  As
> you very correctly pointed out, we would not be able to turn DH off without
> breaking existing RPs, but it would be nice if the OpenID spec discouraged
> this behavior, so that we could eventually eliminate this redundancy.

Is it redundant? If you do DH over SSL, then you negotiate a shared
secret that cannot be MitMed (unlike plain DH). This secret could then
be used to avoid the overhead of SSL for other transactions.

> Also, based on our logs, it looks like some people were trying to learn how
> to implement DH while building their OpenID support. This is really not a
> good idea, and there's really no reason for RP developers to try to figure
> out DH if they don't have to.
>
> Personally, one of the most attractive traits of OpenID is its relative
> simplicity compared to other protocols, and that it only implements things
> that people really need. Instead of expanding the protocol on every
> revision, perhaps OpenID could set an example by removing things that aren't
> really used.
>
> Allen
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>

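Ben's point about the shared secret outliving the SSL session is the OpenID association step: the RP and OP run Diffie-Hellman once, the OP returns the MAC key XORed with a hash of the DH secret, and every later assertion is HMAC-signed with that MAC key instead of being sent over SSL. The Python sketch below is an added example, not code from this thread, Yahoo's OP or any OpenID library; it assumes the DH-SHA256 association type, a modulus the comment labels as assumed to be the OpenID 2.0 default, and constructed sample assertion fields.

```python
import hashlib
import hmac
import secrets

# Assumed to be the OpenID 2.0 default DH modulus (spec Appendix B) with generator 2.
# The arithmetic below works for any large odd modulus, so treat this as a constructed
# sample value if it does not match the spec text you have.
DEFAULT_DH_MODULUS = int(
    "155172898181473697471232257763715539915724801966915404479707795314057629378541"
    "917580651227423698188993727816152646631438561595825688188889951272158842675419"
    "950341258706556549803580104870537681476726513255747040765857479291291572334510"
    "643245094715007229621094194349783925984760375594985848253359305585439638443"
)
DEFAULT_DH_GENERATOR = 2


def btwoc(n: int) -> bytes:
    """OpenID 'btwoc': shortest big-endian two's-complement encoding of a non-negative int."""
    length = (n.bit_length() + 8) // 8  # +8 reserves a zero sign byte when the top bit is set
    return n.to_bytes(length, "big")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class DHParty:
    """One side of the association (RP or OP): an ephemeral DH key pair."""

    def __init__(self, p: int = DEFAULT_DH_MODULUS, g: int = DEFAULT_DH_GENERATOR):
        self.p, self.g = p, g
        self.private = secrets.randbelow(p - 2) + 1  # 1 <= x <= p-2
        self.public = pow(g, self.private, p)

    def shared_key(self, peer_public: int) -> bytes:
        """SHA-256 of btwoc(g^(xa*xb) mod p): the DH-SHA256 key-encryption key."""
        return hashlib.sha256(btwoc(pow(peer_public, self.private, self.p))).digest()


def op_handle_association(op: DHParty, rp_public: int) -> tuple[bytes, dict]:
    """OP side: choose a 256-bit MAC key and hide it under the DH secret."""
    mac_key = secrets.token_bytes(32)
    enc_mac_key = xor_bytes(mac_key, op.shared_key(rp_public))
    return mac_key, {"dh_server_public": op.public, "enc_mac_key": enc_mac_key}


def rp_finish_association(rp: DHParty, response: dict) -> bytes:
    """RP side: recover the MAC key from the OP's association response."""
    return xor_bytes(response["enc_mac_key"], rp.shared_key(response["dh_server_public"]))


def sign_fields(mac_key: bytes, fields: dict, signed: list[str]) -> bytes:
    """HMAC-SHA256 over the OpenID key-value form ('name:value\\n') of the listed fields."""
    kv = "".join(f"{name}:{fields[name]}\n" for name in signed).encode()
    return hmac.new(mac_key, kv, hashlib.sha256).digest()


def verify_fields(mac_key: bytes, fields: dict, signed: list[str], sig: bytes) -> bool:
    return hmac.compare_digest(sign_fields(mac_key, fields, signed), sig)


def demo() -> dict:
    """Associate once, then sign and verify an assertion without any further SSL."""
    rp, op = DHParty(), DHParty()
    op_mac_key, response = op_handle_association(op, rp.public)
    rp_mac_key = rp_finish_association(rp, response)

    # Constructed sample assertion; the 'openid.' prefixes are dropped for brevity.
    assertion = {
        "mode": "id_res",
        "claimed_id": "https://example.com/alice",
        "nonce": "2009-03-19T12:45:10Zabc",
    }
    signed = ["mode", "claimed_id", "nonce"]
    sig = sign_fields(op_mac_key, assertion, signed)
    tampered = dict(assertion, claimed_id="https://example.com/mallory")
    return {
        "keys_match": op_mac_key == rp_mac_key,
        "valid": verify_fields(rp_mac_key, assertion, signed, sig),
        "tampered_valid": verify_fields(rp_mac_key, tampered, signed, sig),
    }


if __name__ == "__main__":
    print(demo())
```

The code assumes the association request actually reached the real OP, which is exactly what running the exchange over SSL gives you: a passive observer of the unprotected exchange sees only the two public values and enc_mac_key, but an active attacker could substitute its own dh_server_public and end up holding the MAC key. Once the key is agreed, the signed-assertion check is purely symmetric and needs no TLS handshake per transaction.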