Nat Sakimura schrieb:
> 1) Storing many users' private key on the server in decryptable format is
> not very safe. 
> In your proposal, it looks like that OP is going to hold the private key for
> each user in decryptable format. Considering that most large scale privacy
> leakage happens at the server side, I have got a feeling that such thing
> like private key in a shared location.

If you can't trust your OP to keep your secrets secret, there's nothing 
you can do about that. Of course, you would not use a key that's valid 
as a key for anything else than OpenID.

It's also possible that the OP does not know the private key by using 
two key pairs:

. pers_secret, pers_public (the identity)
. temp_secret, temp_public

The OpenID Povider only has the following:

. pers_public
. temp_secret, temp_public
. cert = sign(temp_public, with_key=pers_secret)

The _real_ private key, pers_secret, is kept by the user. If the server 
is compromised (or becomes rouge, trying to steal the identity), the 
user can still take his identity elsewhere by signing the tmp2_public 
key of another server.


specs mailing list

Reply via email to