dumb clients a risk?
Carl Howells
chowells at janrain.com
Wed Oct 5 18:47:28 PDT 2005
Zefiro wrote:
> If I understand this correctly, smart clients establish a connection to the identity server itself, agreeing on a shared secret.
> Dumb clients don't. Now assuming a malicious end user can control their user agent to go to a identity server of their choice,
> instead of the one the consumer thinks the user is going to, and they have their own identity server set up which validates
> whatever identity they want to have - which should be possible, since in the identity there is no shared secret with the server
> - then they could log in to any dumb mode client with any identity they want. Because, again as far as I understood the scheme,
> the dumb client completely relies on anything the client provides it with.
This is where you've misunderstood the protocol. When dumb mode is
being used, the last step is a call from the consumer directly to the
server. The consumer asks the server if it sent the given
authorization, which the server can confirm or deny. There is a direct
connection from the consumer to the server in dumb mode. It's not a
scheme that's that badly designed.
Carl
More information about the yadis
mailing list