Trust/threat model for OpenID

Timothy Parez timothyparez at linux.be
Fri Jul 28 20:28:28 UTC 2006



When you use a classic system, such as letting someone register on your
site and storing those account details somewhere, you have no way of knowing
whether or not that person is who he or she claims to be (or, as someone pointed
out, whether it's a person at all) either. So there is no disadvantage to using
OpenID. Unless (as stated by someone [sorry, I'm not looking up the names])
a registrar allows someone to create an OpenID without a password, allowing
a single OpenID to be used as a "public" way for anyone to access your site.
And to avoid this you can simply compile a list of registrars you want to
trust. If an OpenID of an unknown registrar is presented, your application
should have a means of contacting the administrator and allowing him or her
(not) to trust that new registrar after evaluation.

Unlike Passport.NET there is no single company or entity behind
OpenID, that's the spirit of it as I understand it, so we just
have to keep the restrictions (if you can call them that) in mind.
Of course a central entity could be founded in order to "validate" the
various registrars, but that would work against the idea behind OpenID.


Tim.
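The registrar allowlist and administrator-review step described in the message above, as an added example in Python; it is not code from the post or from any OpenID library. The registrar host names are constructed sample values, and it assumes that the host of the claimed identifier URL names its registrar (user identifiers being subdomains of the registrar are matched by suffix).

```python
from urllib.parse import urlsplit

# Constructed sample allowlist: registrars (OpenID providers) this site has chosen to trust.
TRUSTED_REGISTRARS = {"openid.example.net", "id.example.org"}
# Constructed: registrars an administrator has reviewed and declined to trust.
REJECTED_REGISTRARS = {"anyone.example.com"}
# Unknown registrars seen so far, awaiting the administrator's decision (host -> hit count).
PENDING_REVIEW = {}

def registrar_of(identifier):
    """Return the lower-cased host of an OpenID identifier URL, or None if it has none.
    Assumption (not stated in the post): the identifier's host names its registrar."""
    if "://" not in identifier:
        identifier = "http://" + identifier  # bare identifiers are treated as http URLs
    host = (urlsplit(identifier).hostname or "").rstrip(".")
    return host or None

def in_set(host, registrars):
    """True if host is a listed registrar or a subdomain of one (e.g. alice.openid.example.net)."""
    return any(host == r or host.endswith("." + r) for r in registrars)

def decide(identifier):
    """Return 'allow', 'deny' or 'pending' for a presented identifier.
    A rejected registrar always wins; an unknown one is refused for now and queued for review."""
    host = registrar_of(identifier)
    if host is None or in_set(host, REJECTED_REGISTRARS):
        return "deny"
    if in_set(host, TRUSTED_REGISTRARS):
        return "allow"
    PENDING_REVIEW[host] = PENDING_REVIEW.get(host, 0) + 1
    return "pending"

def admin_review(host, trust):
    """Administrator resolves a queued registrar by trusting or rejecting it;
    returns the decision that identifiers from that registrar now receive."""
    PENDING_REVIEW.pop(host, None)
    (TRUSTED_REGISTRARS if trust else REJECTED_REGISTRARS).add(host)
    return decide("http://" + host + "/")
```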
