Specifying identifier recycling
=nat
n-sakimura at nri.co.jp
Mon Jun 4 06:11:46 UTC 2007
Dick's concern is very valid, I think.
I do not even want to think of the consequence of losing my own
main identity secret :-p
=nat
> -----Original Message-----
> From: specs-bounces at openid.net
> [mailto:specs-bounces at openid.net] On Behalf Of Dick Hardt
> Sent: Sunday, June 03, 2007 8:24 PM
> To: Johannes Ernst
> Cc: OpenID specs list
> Subject: Re: Specifying identifier recycling
>
> There is a huge difference between the OP/RP shared secret
> and using a shared secret as an identifier.
>
> The secret between the OP and RP has a mechanism for it to be
> recycled. If it happens to be lost, then the pair can set up
> a new secret.
>
> If the user's secret is lost, then that identifier and any
> accounts that it was used for are lost.
>
> -- Dick
>