Without taking a position, I would point out that supporting DH is not a cost-free proposition. For instance, it requires integration with crypto code, which can get you hung up on snags with export rules and/or make it difficult to deploy applications in limited hosting environments.<br>
<br>In contrast, the SSL layer is mostly invisible to the application.<br><br><div class="gmail_quote">On Tue, Mar 17, 2009 at 2:58 PM, Brett McDowell <span dir="ltr"><<a href="mailto:brett@projectliberty.org">brett@projectliberty.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">In the spirit of trying to leverage/re-use any capacity and/or lessoned learned in the area of interoperability & conformance "test suit" development and program administration, I have some questions about what is really needed in this regard right now (depending on the answer, maybe I could offer some help).<br>
<br>
Which of the following testing methodologies sounds like the most useful at this point in time?<br>
(a) Reference Implementation to test against<br>
(b) Conformance test suite with logging, verbose error handling and reporting, etc.<br>
(c) Just a test procedures document that clearly lays out interoperability testing per conformance "mode"<br>
(d) Online coordination support for voluntary testing using (c) from above<br>
(e) In-person interop testing events based on (c) above<br>
<br>
And related to this, is there any need/demand for 3rd-party proctored interoperability testing & certification of OpenID implementations, or is all we need/want right now more support for voluntary/informal testing?<br>
<font color="#888888">
<br>
<br>
Brett McDowell | +1.413.652.1248 | <a href="http://info.brettmcdowell.com" target="_blank">http://info.brettmcdowell.com</a></font><div><div></div><div class="h5"><br>
<br>
On Mar 17, 2009, at 5:31 PM, Allen Tom wrote:<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
+100 - we'd be very happy to see an OpenID test suite!<br>
<br>
Allen<br>
<br>
Martin Atkins wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
To complete this thought, I think a pre-requisite for work on 2.1 is a comprehensive test suite for 2.0 and a harness to run the tests against popular implementations.<br>
<br>
This will allow changes made for 2.1 to be regression tested against existing implementations. For example, we could make an implementation that doesn't do the DH association step and see which implementations that breaks.<br>
<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</blockquote>
<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</blockquote>
<br>
_______________________________________________<br>
general mailing list<br>
<a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
<a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>--Breno<br><br>+1 (650) 214-1007 desk<br>+1 (408) 212-0135 (Grand Central)<br>MTV-41-3 : 383-A <br>PST (GMT-8) / PDT(GMT-7)<br>