[email protected] writes:
>> Sure, this works for a single request. However it also means you need
>> to have the AS involved in *every* request because you cannot reuse R.
>> Another option would be:
>>
>> AS sends an Access token, encrypted to the RS, and includes a MAC
>> Session Key (Kms). The Client can send the token, a Nonce (N), and N
>> encrypted with Kms ({N}Kms) to prove posession of Kms. Of course to
>> protect replay attacks the RS has to keep a cache of all Nonces used
>> under Kms.
> Prove knowledge of key by encryption is not a good idea,as you
> mentioned, for having to keep a cache.
You only have to keep a cache for the validity of the token. In your
case you have to keep a cache forever, because the token could
theoretically be reused over and over with the same commitment and R
values. At best the caches are the same, but in both cases you have to
contain a cache. Therefore your statement above is invalid.
-derek
--
Derek Atkins 617-623-3745
[email protected] www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
