shared secret alternative to DSA
Paul Crowley
paul at ciphergoth.org
Sat Jun 4 05:12:43 PDT 2005
Nathan D. Bowen wrote:
> I would go so far as to say that the almost-explicit role of OpenID is
> to protect college girls' blogs from their bitter ex-boyfriends whose
> fraternity brothers are the sysadmins on their campus networks.
This is a great model of the attacker. I'm reminded of jwz's assertion
that the purpose of groupware tools is to help college kids get laid :-)
Here's a more detailed imagining: say the server is LiveJournal, and the
consumer is a calender app hosted by a friend from the broadband
connection in their flat. (I'd say their dorm room, but that network is
broadband connection is probably switched). However, it's the bitter ex
who set up the broadband connection, and he controls the broadband
router. He could modify packets as they go by, but that's harder than
running "ethereal" and he feels a bit more like a cracker doing it, so
he doesn't. Instead he sniffs the connection, picks up the MAC secret,
and forges his way into the calendar app, getting all the information he
needs to stalk her.
This is the right kind of thinking, but the trouble with this example is
that it's much easier for him to just sniff her cookie once she's logged
in, isn't it? And why does forging IP headers make him feel like a
cracker, but forging OpenID authentication tokens feels OK? It's really
pretty easy for him to set up the routing table so packets intended for
LJ go to his box - probably easier than writing software to generate
fake OpenID tokens based on snarfled MAC secrets.
As I say, though, I'm not stuck on this - I am a bit worried about
whether this is best for the simplest clients, and if I can't bring
people round, I'll drop it and move on to working out how to do DSA
properly...
--
__
\/ o\ Paul Crowley, paul at ciphergoth.org
/\__/ http://www.ciphergoth.org/
More information about the yadis
mailing list