Mike Glover wrote:
Pete-Why do you have to trust the RP at all? All the RP ever sees is an assertion that you control the identity URL that you provided.
That is what the RP sees if they play along with the scheme.
It is vulnerable to a man in the middle attack - the RP, instead of redirecting to the IdP redirects to itself or some other site in cahoots, then proxies the conversation between the user and the IdP thereby compromising the users (global) credentials as they pass through.Do you see a vulnerability that I'm missing?
There really needs to be user-agent support to avoid that - either something CardSpace like, or browser plugin that only ever presents a pre-authenticated user.
-mike On Wed, 18 Oct 2006 10:49:54 -0700 Pete Rowley <[EMAIL PROTECTED]> wrote:I also think it _is_ a requirement that thebrowser vendors support this - right now you have to trust that the RP is a white hat.
-- Pete
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
