Maybe it's just me, but I don't like the terminology we're using. DH and SSL are only redundant when used together. Otherwise they're complementary. If SSL cannot be used, for whatever reason, DH is mandatory.<br clear="all">
--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - Voltaire<br>
<br><br><div class="gmail_quote">2009/3/19 Ben Laurie <span dir="ltr"><<a href="mailto:benl@google.com" target="_blank">benl@google.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>On Thu, Mar 19, 2009 at 1:08 AM, Allen Tom <<a href="mailto:atom@yahoo-inc.com" target="_blank">atom@yahoo-inc.com</a>> wrote:<br>
> Martin Atkins wrote:<br>
>><br>
>> However, I'm hesitant to support it without some research to show that<br>
>> existing RPs in the wild aren't doing DH over SSL, since such RPs would of<br>
>> course be broken by such a change.<br>
>><br>
> Last time I checked, most RPs were doing DH over SSL to the Yahoo OP. As<br>
> you very correctly pointed out, we would not be able to turn DH off without<br>
> breaking existing RPs, but it would be nice if the OpenID spec discouraged<br>
> this behavior, so that we could eventually eliminate this redundancy.<br>
<br>
</div>Is it redundant? If you do DH over SSL, then you negotiate a shared<br>
secret that cannot be MitMed (unlike plain DH). This secret could then<br>
be used to avoid the overhead of SSL for other transactions.<br>
<div><div></div><div><br>
> Also, based on our logs, it looks like some people were trying to learn how<br>
> to implement DH while building their OpenID support. This is really not a<br>
> good idea, and there's really no reason for RP developers to try to figure<br>
> out DH if they don't have to.<br>
><br>
> Personally, one of the most attractive traits of OpenID is its relative<br>
> simplicity compared to other protocols, and that it only implements things<br>
> that people really need. Instead of expanding the protocol on every<br>
> revision, perhaps OpenID could set an example by removing things that aren't<br>
> really used.<br>
><br>
> Allen<br>
><br>
><br>
><br>
><br>
> _______________________________________________<br>
> general mailing list<br>
> <a href="mailto:general@openid.net" target="_blank">general@openid.net</a><br>
> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
><br>
</div></div></blockquote></div><br>
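<p>The mechanism Ben describes above, as an added worked example (not code from the list, from Yahoo, Google or any OpenID library): an OpenID 2.0-style DH-SHA256 association produces a MAC key that is never sent in the clear, and every later assertion is then checked with an HMAC rather than with another SSL session. The association step is the one the thread proposes carrying over SSL; the signature check afterwards needs only the shared key. The DH group is assumed to be the RFC 3526 2048-bit MODP group (OpenID 2.0 defines its own default modulus, which a real implementation would use or would take from the RP's request), and the endpoints, nonce, identifiers and association handle are constructed values.</p>

```python
"""OpenID 2.0-style DH-SHA256 association plus HMAC-SHA256 assertion checking.

Added example; group choice and all endpoint/identity values are assumptions.
"""
import base64
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP), assumed here as the DH group.  OpenID 2.0
# ships its own default modulus; a real implementation uses that or the value
# the RP sends as openid.dh_modulus.
DH_P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
DH_G = 2


def btwoc(n: int) -> bytes:
    """OpenID 2.0 'btwoc': shortest big-endian two's-complement encoding of n >= 0."""
    raw = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    return b"\x00" + raw if raw[0] & 0x80 else raw


def dh_keypair() -> tuple:
    """Fresh private exponent in [1, p-2] and the matching public value g^x mod p."""
    x = 1 + secrets.randbelow(DH_P - 2)
    return x, pow(DH_G, x, DH_P)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(u ^ v for u, v in zip(a, b))


def op_associate(dh_consumer_public: int) -> tuple:
    """OP side of an association (session_type DH-SHA256, assoc_type HMAC-SHA256).

    Returns the reply fields plus the MAC key the OP stores under the handle;
    only enc_mac_key = H(btwoc(g^xy mod p)) XOR mac_key goes over the wire.
    """
    if not 1 < dh_consumer_public < DH_P - 1:
        raise ValueError("dh_consumer_public outside the group")  # reject degenerate values
    y, dh_server_public = dh_keypair()
    shared = pow(dh_consumer_public, y, DH_P)
    mac_key = secrets.token_bytes(hashlib.sha256().digest_size)
    enc_mac_key = _xor(hashlib.sha256(btwoc(shared)).digest(), mac_key)
    reply = {
        "assoc_handle": "assoc-" + secrets.token_hex(8),  # constructed handle
        "dh_server_public": dh_server_public,
        "enc_mac_key": enc_mac_key,
    }
    return reply, mac_key


def rp_recover_mac_key(x: int, dh_server_public: int, enc_mac_key: bytes) -> bytes:
    """RP side: undo the XOR with H(btwoc(g^xy mod p)) to obtain the MAC key."""
    if not 1 < dh_server_public < DH_P - 1:
        raise ValueError("dh_server_public outside the group")
    shared = pow(dh_server_public, x, DH_P)
    return _xor(hashlib.sha256(btwoc(shared)).digest(), enc_mac_key)


def kv_form(fields: dict, signed: list) -> bytes:
    """Key-Value form over the signed fields (keys without the 'openid.' prefix)."""
    return "".join(f"{key}:{fields['openid.' + key]}\n" for key in signed).encode()


def sign_response(mac_key: bytes, fields: dict) -> dict:
    """OP: HMAC-SHA256 over the Key-Value form of the fields named in openid.signed."""
    signed = fields["openid.signed"].split(",")
    sig = hmac.new(mac_key, kv_form(fields, signed), hashlib.sha256).digest()
    return {**fields, "openid.sig": base64.b64encode(sig).decode()}


def verify_response(mac_key: bytes, fields: dict) -> bool:
    """RP: recompute the HMAC with the association's key; no SSL needed at this step."""
    try:
        signed = fields["openid.signed"].split(",")
        expected = hmac.new(mac_key, kv_form(fields, signed), hashlib.sha256).digest()
        given = base64.b64decode(fields["openid.sig"], validate=True)
    except (KeyError, ValueError):  # missing field or malformed base64
        return False
    return hmac.compare_digest(expected, given)


def run_exchange() -> dict:
    """Association followed by one signed positive assertion; constructed values throughout."""
    # 1. Association: the step the thread discusses carrying over SSL.
    x, dh_consumer_public = dh_keypair()
    reply, op_mac_key = op_associate(dh_consumer_public)
    rp_mac_key = rp_recover_mac_key(x, reply["dh_server_public"], reply["enc_mac_key"])

    # 2. A later positive assertion, signed by the OP with the association's MAC key.
    assertion = {
        "openid.ns": "http://specs.openid.net/auth/2.0",
        "openid.mode": "id_res",
        "openid.op_endpoint": "https://op.example/openid",  # constructed
        "openid.return_to": "https://rp.example/openid/return",  # constructed
        "openid.response_nonce": "2009-03-19T01:08:00Zabc123",  # constructed
        "openid.assoc_handle": reply["assoc_handle"],
        "openid.claimed_id": "https://alice.op.example/",  # constructed
        "openid.identity": "https://alice.op.example/",  # constructed
        "openid.signed": "op_endpoint,return_to,response_nonce,assoc_handle,claimed_id,identity",
    }
    signed = sign_response(op_mac_key, assertion)
    tampered = {**signed, "openid.return_to": "https://rp.example/other"}  # modified in transit
    return {
        "keys_match": hmac.compare_digest(op_mac_key, rp_mac_key),
        "mac_key_len": len(rp_mac_key),
        "verified": verify_response(rp_mac_key, signed),
        "tampered_rejected": not verify_response(rp_mac_key, tampered),
        "wrong_key_rejected": not verify_response(secrets.token_bytes(32), signed),
    }


if __name__ == "__main__":
    print(run_exchange())
```

<p>Both sides arrive at the same 32-byte MAC key although only the XOR-masked form crossed the wire, and the RP can then reject a modified assertion with nothing more than that key. Without SSL around the association, nothing in this exchange tells the RP who it agreed the key with, which is the gap Ben points at when he contrasts DH over SSL with plain DH.</p>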