[OpenID] Nonces generated by the server?
Johannes Ernst
jernst+openid.net at netmesh.us
Tue Mar 31 21:38:03 UTC 2009
It makes it easier to implement IdP-initiated SSO, i.e. a shorter
redirect dance.
On Mar 31, 2009, at 14:28, Martin Atkins wrote:
>
> I was idly reading the OpenID spec today and was reminded that the
> OpenID spec has the server generate a response nonce, rather than it
> being generated by the consumer.
>
> This seems strange to me, because in order to prevent replay it
> requires the consumer to remember all nonces that it has seen
> recently. If the consumer generated the nonce, then it would only
> need to retain state of nonces that it has issued, which is
> conceptually simpler.
>
> I note that over in OAuth land they have the consumer generate the
> nonce rather than the server.
>
> Is there a specific security reason why the server generates the
> nonce in OpenID, or was this just an arbitrary decision?
>
> I'm also somewhat curious about how many OpenID consumers actually
> do nonce checking. Net::OpenID::Consumer for Perl actually ignores
> the nonce altogether and implements its own timestamp checking due
> to legacy code for OpenID 1.1, and seems to be vulnerable to replay
> for up to 30 seconds after a positive assertion. Are *any* RPs
> actually checking nonces to prevent replay during the timestamp
> window?
>
>
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
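Martin's closing question, whether RPs actually check nonces or only timestamps, comes down to the two checks contrasted below. This is an added Python sketch of my own, not code from the thread, from Net::OpenID::Consumer, or from any OpenID library. It assumes the OpenID 2.0 response_nonce format (a UTC timestamp "YYYY-MM-DDThh:mm:ssZ" followed by optional [A-Za-z0-9] characters, 255 characters or less); the ALLOWED_SKEW window, the per-OP keying of the seen-nonce store, and the sample nonces are my assumptions, not from the page.

```python
"""RP-side replay protection for OpenID 2.0 response nonces.

Constructed illustration (not code from the thread, the OpenID spec, or any
OpenID library). Assumptions:
  * openid.response_nonce starts with a UTC timestamp YYYY-MM-DDThh:mm:ssZ
    (the OpenID 2.0 format), optionally followed by [A-Za-z0-9] characters.
  * ALLOWED_SKEW is the window (seconds) inside which a nonce is accepted and
    therefore has to be remembered; the value is assumed, not from the page.
  * Nonces are only unique per OP, so the store is keyed by OP endpoint.
"""
import re
from datetime import datetime, timezone

ALLOWED_SKEW = 30  # assumed window; echoes the 30 s window mentioned in the thread

_NONCE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)([A-Za-z0-9]*)$")


def parse_nonce_timestamp(nonce):
    """Return the nonce's leading timestamp as Unix time, or None if malformed."""
    if len(nonce) > 255:
        return None
    m = _NONCE_RE.match(nonce)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:  # e.g. February 30th
        return None
    return ts.replace(tzinfo=timezone.utc).timestamp()


class TimestampOnlyChecker:
    """Timestamp check alone: a re-sent assertion inside the window still passes."""

    def check(self, nonce, now):
        ts = parse_nonce_timestamp(nonce)
        if ts is None:
            return "malformed"
        if abs(now - ts) > ALLOWED_SKEW:
            return "stale"
        return "ok"  # second presentation inside the window is also "ok"


class NonceChecker:
    """Timestamp check plus a store of nonces seen inside the window.

    Because the OP chooses the nonce, the RP cannot know which values to
    expect; it must remember every nonce it accepted until the window has
    passed, after which the timestamp check alone rejects it and the entry
    can be dropped. This is the state Martin's message describes.
    """

    def __init__(self, op_endpoint):
        self.op_endpoint = op_endpoint
        self._seen = {}  # (op_endpoint, nonce) -> nonce timestamp

    def _prune(self, now):
        for key, ts in list(self._seen.items()):
            if now - ts > ALLOWED_SKEW:  # timestamp check would reject it anyway
                del self._seen[key]

    def check(self, nonce, now):
        ts = parse_nonce_timestamp(nonce)
        if ts is None:
            return "malformed"
        if abs(now - ts) > ALLOWED_SKEW:
            return "stale"
        self._prune(now)
        key = (self.op_endpoint, nonce)
        if key in self._seen:
            return "replay"
        self._seen[key] = ts
        return "ok"


if __name__ == "__main__":
    # Constructed nonce; 'now' is taken from it so the demo is clock-independent.
    nonce = "2009-03-31T21:38:03ZabcDEF"
    now = parse_nonce_timestamp(nonce)
    ts_only, full = TimestampOnlyChecker(), NonceChecker("https://op.example/endpoint")
    for offset in (0, 5, 31):
        print(f"+{offset:2d}s  timestamp-only: {ts_only.check(nonce, now + offset):9s}"
              f"  with nonce store: {full.check(nonce, now + offset)}")
```

The store only has to hold nonces younger than ALLOWED_SKEW, so its size is bounded by the OP's assertion rate times the window; anything older is dropped because the timestamp check already rejects it. Keying by OP endpoint matters because the spec only requires a nonce to be unique per OP, so two OPs may legitimately emit the same value.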