On 23-Jun-06, at 9:17 PM, Eric Rescorla wrote:

>> In DIX, the RP includes a nonce in the request, which must then also
>> be in the nonce, which would prevent replay attacks assuming the RP is
>> managing nonce state, would it not?
>
> Only if each authentication token is only single-use. Otherwise,
> an attacker can replay it during the validity period. Even then,
> cut-and-paste attacks are still possible if you block the
> initial request.

My understanding of the definition of a nonce is that it is single-use.
Would you humour me with an explanation of a cut-and-paste attack per above?

>> I saw the security risk here being the reliance on DNS for identity
>> of the IdP in the verification step.
>
> Hmm.... I think this depends on the design. If you're using
> SSL/TLS, you should be able to block most attacks of this
> class, provided you have a CRA authentication method...

Agreed.

On a related note, the primary security threat I saw with DIX was how the user knows they are at their IdP. DIX considers that out of band, as there does not need to be a standard way of doing it for DIX; each IdP could do it a different way. Given that this is a place the user is visiting often, whose purpose is to make sure the user knows they are at the IdP and the IdP has certainty it is the user, the investment in stronger authN for both the user and the site is worthwhile.

-- Dick
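The exchange above turns on two separate checks at the RP: a nonce must be single-use (otherwise the token can be replayed during its validity window), and a single-use nonce alone still does not stop the cut-and-paste case Eric describes, where the attacker prevents the victim's response from reaching the RP and submits the still-unused token from their own browser. The following toy model, an added example that is not DIX code or anything from the list, walks through both cases. The class, field names and the idea of binding the nonce to the browser session that requested it are assumptions for illustration; they are not taken from the DIX drafts.

```python
import secrets


class RelyingParty:
    """Constructed toy RP: issues a nonce per login attempt and verifies the
    authentication token that comes back. Not the DIX protocol itself."""

    def __init__(self, ttl_seconds=300):
        self.ttl = ttl_seconds
        # nonce -> (issued_at, browser_session_id); deleted once consumed,
        # which is what makes each nonce single-use.
        self.pending = {}

    def start_login(self, browser_session_id, now):
        """Mint a fresh nonce and remember which browser session asked for it."""
        nonce = secrets.token_urlsafe(16)
        self.pending[nonce] = (now, browser_session_id)
        return nonce

    def verify(self, token, browser_session_id, now, bind_to_session=True):
        """Check a returned token. Returns a short verdict string."""
        entry = self.pending.get(token.get("nonce"))
        if entry is None:
            # Either never issued, or already consumed: replay is refused here.
            return "rejected: unknown or already-used nonce"
        issued_at, owner = entry
        if now - issued_at > self.ttl:
            del self.pending[token["nonce"]]
            return "rejected: expired"
        if bind_to_session and owner != browser_session_id:
            # The nonce was issued to a different browser session; this is the
            # check that closes the cut-and-paste gap in this toy model.
            return "rejected: nonce belongs to another session"
        del self.pending[token["nonce"]]  # consume: single-use
        return "accepted"


def replay_scenario():
    """Same token presented twice by the legitimate browser."""
    rp = RelyingParty()
    nonce = rp.start_login("victim-session", now=0)
    token = {"nonce": nonce, "identity": "alice@example.invalid"}  # constructed
    first = rp.verify(token, "victim-session", now=1)
    second = rp.verify(token, "victim-session", now=2)
    return first, second


def cut_and_paste_scenario(bind_to_session):
    """The victim's response never reaches the RP (blocked), so the nonce is
    still unused; the token is then submitted from a different browser session.
    With bind_to_session=False the single-use check alone lets it through."""
    rp = RelyingParty()
    nonce = rp.start_login("victim-session", now=0)
    token = {"nonce": nonce, "identity": "alice@example.invalid"}  # constructed
    # No verify() call from the victim: its response was blocked.
    return rp.verify(token, "other-session", now=1, bind_to_session=bind_to_session)


def expiry_scenario():
    """A nonce presented after the RP's validity window has passed."""
    rp = RelyingParty(ttl_seconds=60)
    nonce = rp.start_login("victim-session", now=0)
    return rp.verify({"nonce": nonce}, "victim-session", now=61)


if __name__ == "__main__":
    print("replay:", replay_scenario())
    print("cut-and-paste, nonce-only:", cut_and_paste_scenario(False))
    print("cut-and-paste, session-bound:", cut_and_paste_scenario(True))
    print("expired:", expiry_scenario())
```

The single-use table answers Dick's reading of "nonce": the second presentation is refused because the first consumed it. The cut-and-paste run with `bind_to_session=False` shows Eric's point: nothing in a bare nonce check ties the token to the browser that started the login, so a token whose original delivery was blocked is still fresh from the RP's point of view. Tying the nonce to the requesting session (or, as Eric suggests, running the exchange over TLS with an authenticated channel) is what removes that gap.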


_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
