Nat Sakimura schrieb: > 1) Storing many users' private key on the server in decryptable format is > not very safe. > > In your proposal, it looks like that OP is going to hold the private key for > each user in decryptable format. Considering that most large scale privacy > leakage happens at the server side, I have got a feeling that such thing > like private key in a shared location.
If you can't trust your OP to keep your secrets secret, there's nothing you can do about that. Of course, you would not use a key that's valid as a key for anything else than OpenID. It's also possible that the OP does not know the private key by using two key pairs: . pers_secret, pers_public (the identity) . temp_secret, temp_public The OpenID Povider only has the following: . pers_public . temp_secret, temp_public . cert = sign(temp_public, with_key=pers_secret) The _real_ private key, pers_secret, is kept by the user. If the server is compromised (or becomes rouge, trying to steal the identity), the user can still take his identity elsewhere by signing the tmp2_public key of another server. Claus _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs