Trust/threat model for OpenID

David Strauss mailinglists at
Sat Jul 29 19:11:58 UTC 2006

Instead of retyping it here, I'll just point you to the Wikipedia
article. I wrote the introduction:

The weakest part of BAN logic is its lack of ability to tell you
information leaked if you do something really stupid. BAN logic is
primarily for authentication, not encryption.

- David

Ben Hyde wrote:
> David - I'm not familiar with a BAN analysis. Does it have anything
> to say about, just to pick something at random - that OpenID enables
> two service providers to gossip about the user behind his back?  Since
> the user is encouraged to give them both the same identity URL it's
> easy for them to trade user models (account data) with each other.
> On Jul 28, 2006, at 10:51 AM, David Strauss wrote:
>> Yes, I've done such an analysis. I used what's called "BAN logic." It's
>> a formal academic notation for analyzing security protocols and whether
>> their assumptions (of various types) are justified.
>> The biggest hole is when the identity URL page is fetched without SSL
>> (or any other signing protocol).
>> I have a half-written paper on the BAN analysis I performed. I'll finish
>> it if anyone's interested.
>> David Strauss
>> Gabe Wachob wrote:
>>> Has someone written up a trust/security model for OpenID (i.e. who
>>> trusts who for what, and what the threats are to the parties
>>> involved?)
>>> I'm not sure what assumptions are being made about the participating
>>> parties so I'm not terribly comfortable assessing its use for a
>>> variety of environments other than things like SSO to livejournal for
>>> posting comments ;-)
>>> TIA
>>>    -Gabe
