In the association stage of the OpenID process, Diffie-Hellman is used to encrypt the OpenID.session_type value. To use Diffie-Hellman, we have to generate the dh_modulus (p) and dh_gen (g) values. My question is: do I have to generate the p and g values each time I send an OpenID request to an OpenID Provider, or only when I send a new association?
A:
You don't need to generate it at all, because you can use the default modulus and dh_gen.
And if you still want to, it's sent only during an association, because it's used only to transmit a shared secret. In all subsequent requests, only the association handle is transmitted.
As for the generation method, I suggest looking at the Diffie-Hellman Key Exchange RFC.
Mewp
2010-08-24 08:24:30
Thanks for the answer, Mewp.
Felix
2010-08-24 08:52:05
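The flow described in the answer, as an added example that is not part of the original thread: the relying party omits `openid.dh_modulus` and `openid.dh_gen` when it uses the defaults, runs Diffie-Hellman once per association to unwrap the MAC key, and afterwards sends only the association handle. The function names are hypothetical, the provider side is simplified, and `DEFAULT_P` is a small constructed stand-in for the default modulus given in the OpenID Authentication 2.0 specification.

```python
import base64, hashlib, secrets

# Constructed stand-in: a real relying party uses the 1024-bit default modulus
# from the OpenID Authentication 2.0 specification, not this small prime.
DEFAULT_P = 2**127 - 1
DEFAULT_G = 2

def btwoc(n):
    """Big-endian two's complement of a non-negative int (0x00 prefix if top bit set)."""
    return n.to_bytes(n.bit_length() // 8 + 1, "big")

def b64(n):
    return base64.b64encode(btwoc(n)).decode()

def unb64(s):
    return int.from_bytes(base64.b64decode(s), "big")

def associate_request(priv, p=DEFAULT_P, g=DEFAULT_G):
    """Sent once per association; p and g are left out when they are the defaults."""
    req = {"openid.ns": "http://specs.openid.net/auth/2.0",
           "openid.mode": "associate",
           "openid.assoc_type": "HMAC-SHA256",
           "openid.session_type": "DH-SHA256",
           "openid.dh_consumer_public": b64(pow(g, priv, p))}
    if (p, g) != (DEFAULT_P, DEFAULT_G):
        req["openid.dh_modulus"] = b64(p)
        req["openid.dh_gen"] = b64(g)
    return req

def provider_respond(req, mac_key, handle):
    """Provider side (simplified): mask the MAC key with H(btwoc(shared secret))."""
    p = unb64(req.get("openid.dh_modulus", b64(DEFAULT_P)))
    g = unb64(req.get("openid.dh_gen", b64(DEFAULT_G)))
    priv = secrets.randbelow(p - 3) + 2
    shared = pow(unb64(req["openid.dh_consumer_public"]), priv, p)
    pad = hashlib.sha256(btwoc(shared)).digest()
    enc = bytes(a ^ b for a, b in zip(pad, mac_key))
    return {"assoc_handle": handle, "dh_server_public": b64(pow(g, priv, p)),
            "enc_mac_key": base64.b64encode(enc).decode()}

def recover_mac_key(resp, priv, p=DEFAULT_P):
    """Relying party side: same pad, XOR again to recover the MAC key."""
    shared = pow(unb64(resp["dh_server_public"]), priv, p)
    pad = hashlib.sha256(btwoc(shared)).digest()
    return bytes(a ^ b for a, b in zip(pad, base64.b64decode(resp["enc_mac_key"])))

def auth_request(resp):
    """Later authentication requests reference the association by handle only."""
    return {"openid.mode": "checkid_setup", "openid.assoc_handle": resp["assoc_handle"]}
```

The relying party's private exponent should come from a CSPRNG and be discarded once the MAC key is recovered; the stored association is just the handle and the MAC key.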