<!doctype html public "-//W3C//DTD W3 HTML//EN">
<html><head><style type="text/css"><!--
blockquote, dl, ul, ol, li { padding-top: 0 ; padding-bottom: 0 }
--></style><title>Re: [OpenID] [security] Re: generation
fragments</title></head><body>
<div>>So, while I still retain possession of my URI (before I give
it up), I "log in" with my old URI to a universal OpenID
revocation list. Then I go ahead and give up control of that
Identifier. End of story for the end user.</div>
<div><br></div>
<div>I like it . . . sounds simple enough for the end user to
understand (whereas I would shudder trying to give them an accurate
idea of how PKI works!), doesn't ask too much of them. It can probably
be represented with a direct analogy to E-mail addresses.</div>
<div><br></div>
<div>>Perhaps OpenID v.next can include a provision that requires
RPs to check some <a
href="http://openid.net/revocationlist">openid.net/revocationlist</a>
URI periodically to download a list of URIs to never allow login
for.</div>
<div><br></div>
<div>That sounds more like a blacklist than a revocation list. Or are
you suggesting that OPs assign a generation fragment to *every* URI
simply to account for the possibility that, at some future time,
any/all of these URIs *might* change hands?</div>
<div><br></div>
<div>>And yes, OpenID is supposed to be decentralized. I
haven't figured that one out yet. </div>
<div>></div>
<div>>Thoughts?</div>
<div><br></div>
<div>Use a P2P structure where any OP in the community can use CRLs
signed by others?</div>
<div><br></div>
<div>But here's a new headache: with the CRL possible merely by
"the user logging in", there's no longer the freedom to
simply switch to another OP if you don't like the one you have - a
malicious OP could permanently terminate your Identity!</div>
<div><br></div>
<div>If you still had control of the URI this would be more of a reset
than a termination, but I think that adding to the CRL should be
determined by the same weak point that we already have: an ability to
add headers to the URL of your Identity page. Whoever demonstrates
ownership of that page has the power to specify an OP, so if they've
got that then they're already holding the keys to your kingdom
anyway.</div>
<div><br></div>
<div>-Shade</div>
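<div>Added example, not part of Shade's mail or of any OpenID implementation: an RP-side sketch of the scheme discussed above, where revocation entries signed by any OP in a community are merged (the P2P CRL idea) and an entry is honoured only if the OP that signed it is the one the identifier's own page names as its openid.server (the "same weak point" argument). Everything concrete is assumed for illustration: the community's OPs share per-OP MAC keys (an HMAC stand-in for real signatures, so the example runs offline), the list is a JSON array of entries, and the hostnames, URIs and page HTML are constructed.</div>

```python
"""RP-side revocation check, added example (assumptions noted in comments)."""
import hashlib
import hmac
import json
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed trust community: OP hostname -> MAC key.  A real deployment
# would use asymmetric signatures; HMAC is a stand-in so this runs offline.
COMMUNITY_KEYS = {
    "op.example.org": b"op-one-secret",
    "op.example.net": b"op-two-secret",
}


class _OpenIDLinkParser(HTMLParser):
    """Pulls the href of <link rel="openid.server"> out of an identity page."""

    def __init__(self):
        super().__init__()
        self.server = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "link" and a.get("rel") == "openid.server":
            self.server = a.get("href")


def openid_server_of(page_html):
    """Return the openid.server URL declared in the identity page, or None."""
    p = _OpenIDLinkParser()
    p.feed(page_html)
    return p.server


def _canonical(entry):
    # The MAC covers uri, revocation time and signing OP, never the MAC itself.
    body = {k: entry[k] for k in ("uri", "revoked_at", "op")}
    return json.dumps(body, sort_keys=True).encode()


def sign_revocation(op, uri, revoked_at):
    """An OP in the community produces one revocation-list entry."""
    entry = {"uri": uri, "revoked_at": revoked_at, "op": op}
    entry["mac"] = hmac.new(COMMUNITY_KEYS[op], _canonical(entry),
                            hashlib.sha256).hexdigest()
    return entry


def verify_revocation(entry, identity_page_html):
    """Accept an entry only if (1) the signer is a community OP, (2) the MAC
    verifies, and (3) the identity page delegates to that same OP, so a
    different (possibly malicious) OP cannot terminate the identifier."""
    key = COMMUNITY_KEYS.get(entry.get("op"))
    if key is None:
        return False
    expected = hmac.new(key, _canonical(entry), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, entry.get("mac", "")):
        return False
    server = openid_server_of(identity_page_html)
    return server is not None and urlparse(server).hostname == entry["op"]


def merge_lists(pages, *lists):
    """P2P merge: take entries from every OP's list, keep the ones that verify
    against the identity page for their URI (pages: URI -> fetched HTML)."""
    revoked = set()
    for lst in lists:
        for e in lst:
            if verify_revocation(e, pages.get(e.get("uri"), "")):
                revoked.add(e["uri"])
    return revoked


def allow_login(revoked, claimed_uri):
    """The RP refuses any identifier on the merged revocation list."""
    return claimed_uri not in revoked


if __name__ == "__main__":
    # Constructed identity page that delegates to op.example.org.
    page = ('<html><head><link rel="openid.server" '
            'href="http://op.example.org/server"></head></html>')
    alice = "http://alice.example.com/"
    good = sign_revocation("op.example.org", alice, 1700000000)
    other = sign_revocation("op.example.net", alice, 1700000000)
    revoked = merge_lists({alice: page}, [good], [other])
    print("revoked:", revoked, "login allowed:", allow_login(revoked, alice))
```

<div>The usage block at the bottom shows the point of the third check: the entry from op.example.net, which the page never delegated to, is dropped at merge time even though its MAC is valid, while the entry from the delegated OP is honoured. Note that the check is made against whatever page the RP has fetched, so an RP that polls the list periodically would want to keep the page as it read when it first saw the entry; the mail does not settle that detail.</div>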
</body>
</html>