Unique Shared Secrets (4.4.2) in opes-authorization2002-10-21 19:35:12Why must the shared secrets be unique for each requestor / responder pair? Why do we care? In fact, such a requirement opens a security hole: I can guess someone else's key by trying to enter keys until the "system" tells me I can't because someone else has that key. I would drop the bullet.
|
|