<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6000.16414" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=288294818-19032007><FONT face=Arial
color=#0000ff size=2>Hey Simon,</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=288294818-19032007><FONT face=Arial
color=#0000ff size=2>So yes, when using SSL, DH becomes no longer needed to
protect the MAC key. OpenID pre-1.0 originally had no DH, though people
encouraged Brad to add it for non-SSL cases.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=288294818-19032007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=288294818-19032007><FONT face=Arial
color=#0000ff size=2>--David</FONT></SPAN></DIV><BR>
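<DIV dir=ltr align=left><FONT face=Arial size=2>Added example (not code from this thread, from Brad's implementation or from any OpenID library): a Python sketch of the association step under discussion, showing what the DH-SHA1 session type actually protects compared with the no-encryption session type, which leaves the MAC key to the transport. The group parameters are a toy safe prime chosen so the arithmetic is readable (real deployments use the 1024-bit default modulus in the spec), and the signing format is a simplified key:value form; the exchange itself follows OpenID's association messages (dh_consumer_public, dh_server_public, and enc_mac_key = SHA1(btwoc(g^xy mod p)) XOR mac_key). The "wire" dictionary returned by associate() is what a passive observer of a plain-HTTP association would see.</FONT></DIV>

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group for this demo only: 1019 is a safe prime
# (2*509 + 1) and 2 generates the whole group. Real OpenID deployments use
# the 1024-bit default modulus shipped with the spec; the small numbers
# here just keep the round trip easy to follow.
P = 1019
G = 2


def btwoc(n: int) -> bytes:
    """Big-endian two's-complement encoding as OpenID specifies it:
    the shortest byte string for n whose top bit is zero."""
    return n.to_bytes((n.bit_length() + 8) // 8, "big")


def dh_keypair():
    """Random private exponent and the matching public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def dh_xor_pad(my_private: int, their_public: int) -> bytes:
    """DH-SHA1 derives a 20-byte pad as SHA1(btwoc(g^xy mod p))."""
    shared = pow(their_public, my_private, P)
    return hashlib.sha1(btwoc(shared)).digest()


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("MAC key and pad must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def associate(session_type: str):
    """Run one association between an RP and an OP.

    Returns (mac_key the OP generated, mac_key the RP recovered, the fields
    that travel over the transport and are visible without TLS)."""
    mac_key = secrets.token_bytes(20)          # HMAC-SHA1 key chosen by the OP
    if session_type == "no-encryption":
        # Nothing in the protocol protects the key; only TLS on the transport can.
        wire = {"mac_key": mac_key}
        rp_mac_key = wire["mac_key"]
    elif session_type == "DH-SHA1":
        rp_priv, rp_pub = dh_keypair()         # RP sends dh_consumer_public
        op_priv, op_pub = dh_keypair()         # OP answers with dh_server_public
        wire = {
            "dh_consumer_public": rp_pub,
            "dh_server_public": op_pub,
            "enc_mac_key": xor_bytes(mac_key, dh_xor_pad(op_priv, rp_pub)),
        }
        # Only the RP, holding rp_priv, can rebuild the pad and unmask the key.
        rp_mac_key = xor_bytes(wire["enc_mac_key"], dh_xor_pad(rp_priv, op_pub))
    else:
        raise ValueError(f"unknown session type {session_type!r}")
    return mac_key, rp_mac_key, wire


def sign(mac_key: bytes, fields: dict) -> bytes:
    """HMAC-SHA1 over key:value lines (simplified form of OpenID's signed
    fields), which is what the association's MAC key is ultimately for."""
    message = "".join(f"{k}:{v}\n" for k, v in fields.items()).encode()
    return hmac.new(mac_key, message, hashlib.sha1).digest()


def verify(mac_key: bytes, fields: dict, sig: bytes) -> bool:
    return hmac.compare_digest(sign(mac_key, fields), sig)


if __name__ == "__main__":
    for st in ("no-encryption", "DH-SHA1"):
        op_key, rp_key, wire = associate(st)
        print(st, "keys match:", op_key == rp_key,
              "mac_key visible on wire:", "mac_key" in wire)
```

<DIV dir=ltr align=left><FONT face=Arial size=2>Running it shows the trade-off the thread is about: with DH-SHA1 the transport carries two public values and a masked key, so a plain-HTTP observer learns nothing about mac_key, at the cost of the extra modular exponentiations on both sides; with no-encryption the key is on the wire and the only thing standing between it and an observer is TLS.</FONT></DIV>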
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> general-bounces@openid.net
[mailto:general-bounces@openid.net] <B>On Behalf Of </B>Simon
Spero<BR><B>Sent:</B> Saturday, March 17, 2007 8:08 PM<BR><B>To:</B>
general@openid.net<BR><B>Subject:</B> [OpenID] Is the Diffie-Hellman key exchange
mechanism necessary?<BR></FONT><BR></DIV>
<DIV></DIV>I'm not sure if the DH mechanism is that big a win. <BR><BR>If
the claimed ID is an https:// URL, then the discovery will involve an
SSL key exchange. <BR><BR>If the identity provider endpoint is on
the same server, then the session created in the discovery process will
almost certainly still be valid. <BR>If that key is valid, then relying on
transport level encryption will avoid the additional PKOPs.
<BR><BR>If the session is expired, or if the endpoint is on a
separate host then establishing an SSL connection will involve some PKOPs; any
DH PKOPs will still be superfluous. <BR><BR>Why not rely on the transport layer
to cover the key exchange?
<BR><BR>Simon<BR><BR><BR><BR><BR></BODY></HTML>