Fwd: Lua OpenID server implementation

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Fwd: Lua OpenID server implementation

Jens Alfke
From the OpenID list; haven't seen this posted here yet.

(OpenID is a lightweight identity protocol that lets people use a single identity to authenticate with multiple sites. It's similar in purpose to TypeKey or SXIP but doesn't rely on a central server. More info at http://openid.net and http://openidenabled.com.)

Begin forwarded message:

From: Keith Howe <[hidden email]>
Date: 21 January , 2006 12:07:59 AM PST
Subject: Lua OpenID server implementation

I have posted the initial alpha release of a Lua OpenID server
implementation. It can be found at http://luaopenid.luaforge.net/. It
(hopefully) complies with the "1.1" spec, but only supports plain-text
key exchange for shared secrets (no DH yet).

In the process I have also added a new wiki page at
coverage of the protocol for those who, like me, had no previous
exposure to it. This includes discussions about the apparent security
implications of various design elements which were not immediately
obvious to thick-headed folks such as myself.

It is not intended to replace the detailed specs. It is intended to
hopefully replace (or at least shorten) for others the process I went
through to understand the protocol in action -- namely, studying the
Perl implemenation along with the existing specs while watching
messages come in and out of my own implementation. Someday I might
even add diagrams, if enough people find it to be helpful :)

- K.Howe