[OpenID] Nonces generated by the server?
Andrew Arnott
andrewarnott at gmail.com
Tue Mar 31 22:15:05 UTC 2009
The OP MUST be able to send a nonce to support unsolicited assertions, where
the RP never sends any request at all. And then there's dumb mode, where
the OP consumes its own nonce.
In OAuth when the consumer is sending a nonce, the service provider consumes
it. So both with OpenID and OAuth, the party that produces the nonce and
the party that consumes it are two different parties.
DotNetOpenId/DotNetOpenAuth is one such library that absolutely checks the
nonce to prevent replays. When in the RP role, it also tacks a
request_nonce to the return_to when communicating with 1.1 OPs since they
are not expected to send a response_nonce as part of the assertion.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire
2009/3/31 Martin Atkins <mart at degeneration.co.uk>
>
> I was idly reading the OpenID spec today and was reminded that the OpenID
> spec has the server generate a response nonce, rather than it being
> generated by the consumer.
>
> This seems strange to me, because in order to prevent replay it requires
> the consumer to remember all nonces that it has seen recently. If the
> consumer generated the nonce, then it would only need to retain state of
> nonces that it has issued, which is conceptually simpler.
>
> I note that over in OAuth land they have the consumer generate the nonce
> rather than the server.
>
> Is there a specific security reason why the server generates the nonce in
> OpenID, or was this just an arbitrary decision?
>
> I'm also somewhat curious about how many OpenID consumers actually do nonce
> checking. Net::OpenID::Consumer for Perl actually ignores the nonce
> altogether and implements its own timestamp checking due to legacy code for
> OpenID 1.1, and seems to be vulnerable to replay for up to 30 seconds after
> a positive assertion. Are *any* RPs actually checking nonces to prevent
> replay during the timestamp window?
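The replay-protection question raised in this thread (timestamp-only checking versus actually remembering recently seen response nonces) is easy to make concrete. The following is an added example written for this page; it is not code from the thread, from DotNetOpenId/DotNetOpenAuth, or from Net::OpenID::Consumer. It parses the OpenID 2.0 response_nonce format (a UTC timestamp "YYYY-MM-DDThh:mm:ssZ" followed by optional [A-Za-z0-9] characters, at most 255 characters) and shows an RP-side check that combines a freshness window with a per-OP "seen" set, beside a timestamp-only check of the kind Martin describes. The 5-minute window, the in-memory store, the OP endpoint URL and the sample nonce are all assumptions constructed for the example.

```python
import re
from datetime import datetime, timedelta, timezone

# OpenID 2.0 response_nonce: UTC timestamp "YYYY-MM-DDThh:mm:ssZ" followed by
# optional [A-Za-z0-9] characters, 255 characters or fewer in total.
_NONCE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)([A-Za-z0-9]*)$")
MAX_NONCE_LEN = 255


def parse_nonce_timestamp(nonce):
    """Return the UTC timestamp embedded in a response_nonce, or None if malformed."""
    if len(nonce) > MAX_NONCE_LEN:
        return None
    m = _NONCE_RE.match(nonce)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:  # e.g. month 13 or day 32
        return None
    return ts.replace(tzinfo=timezone.utc)


def timestamp_only_check(nonce, now, window=timedelta(seconds=30)):
    """Freshness-only check (no memory of seen nonces): a fresh nonce is accepted
    every time it is presented, which is exactly the replay gap discussed above."""
    ts = parse_nonce_timestamp(nonce)
    return ts is not None and now - window <= ts <= now + window


class ResponseNonceStore:
    """RP-side replay protection for OP-generated response nonces.

    Rejects nonces outside the freshness window, and remembers every accepted
    (op_endpoint, nonce) pair for the length of that window so a captured
    assertion cannot be replayed while its timestamp is still fresh. Because
    stale nonces are rejected outright, the store only ever needs to hold one
    window's worth of entries.
    """

    def __init__(self, window=timedelta(minutes=5)):
        self.window = window  # assumed allowed clock skew / assertion age
        self._seen = {}       # (op_endpoint, nonce) -> timestamp parsed from the nonce

    def _prune(self, now):
        cutoff = now - self.window
        for key in [k for k, ts in self._seen.items() if ts < cutoff]:
            del self._seen[key]

    def check_and_record(self, op_endpoint, nonce, now=None):
        """Return 'ok' the first time a fresh nonce is seen from op_endpoint,
        otherwise 'malformed', 'stale', 'future' or 'replay'."""
        if now is None:
            now = datetime.now(timezone.utc)
        ts = parse_nonce_timestamp(nonce)
        if ts is None:
            return "malformed"
        if ts < now - self.window:
            return "stale"
        if ts > now + self.window:
            return "future"
        self._prune(now)
        key = (op_endpoint, nonce)  # nonces are only unique per OP, so key on both
        if key in self._seen:
            return "replay"
        self._seen[key] = ts
        return "ok"


def demo():
    """Constructed scenario: one assertion from a hypothetical OP, presented twice."""
    t0 = datetime(2009, 3, 31, 22, 15, 5, tzinfo=timezone.utc)
    op = "https://op.example/endpoint"        # hypothetical OP endpoint
    nonce = "2009-03-31T22:15:05ZabcXYZ1"     # constructed sample nonce
    store = ResponseNonceStore()
    return [
        store.check_and_record(op, nonce, t0),                          # "ok"
        store.check_and_record(op, nonce, t0 + timedelta(seconds=10)),  # "replay"
        timestamp_only_check(nonce, t0 + timedelta(seconds=10)),        # True: replay slips through
        store.check_and_record(op, nonce, t0 + timedelta(minutes=10)),  # "stale"
        store.check_and_record(op, "2009-03-31T22:30:05Z", t0),         # "future"
        store.check_and_record(op, "not-a-nonce", t0),                  # "malformed"
    ]


if __name__ == "__main__":
    print(demo())
```

The store is keyed on the OP endpoint as well as the nonce because the spec only requires a response_nonce to be unique per OP; two OPs may legitimately emit identical strings. Rejecting anything older than the window is what keeps the "remember all recent nonces" state bounded, which addresses the conceptual-simplicity concern in the original question.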