Trust/threat model for OpenID
David Strauss
mailinglists at fourkitchens.com
Fri Jul 28 14:51:05 UTC 2006
Yes, I've done such an analysis. I used what's called "BAN logic." It's
a formal academic notation for analyzing security protocols and whether
their assumptions (of various types) are justified.
The biggest hole is when the identity URL page is fetched without SSL
(or any other signing protocol).
I have a half-written paper on the BAN analysis I performed. I'll finish
it if anyone's interested.
David Strauss
Gabe Wachob wrote:
> Has someone written up a trust/security model for OpenID (ie who
> trusts who for what, and what the threats are to the parties
> involved?)
>
> I'm not sure what assumptions are being made about the participating
> parties so I'm not terribly comfortable assessing its use for a
> variety of environments other than things like SSO to livejournal for
> posting comments ;-)
>
> TIA
>
> -Gabe
>
More information about the yadis
mailing list