On Thu, May 27, 2010 at 10:51 PM, Eran Hammer-Lahav <[email protected]> wrote:
>> Cool. Glad we can put Roy's security concern to rest, at least.
>
> I disagree. Your signature proposal makes matching worse, but moves the
> "canonicalization problem" to the server side. You just flipped the problem.
> The client gets much simpler but the server gets potentially less secure
> (as a likely result of poor implementation).

You raise a bunch of really good points in your response, and I'm going to ignore almost all of them for now. =) I want to get to the heart of the "potentially less secure" statement.

In OAuth 1.0, in order to be secure, the server had to check a signature. [1]

Under the proposal I made earlier, the same server will need to check a signature, and it will also need to check the intended target of the signed message.

That is *not unusual* in authentication protocols. OpenID, SAML, and others all have the exact same requirement. It's documented in their security recommendations. And there are compliance tests that verify that servers do check this. If someone fails to make this check, it will be revealed as soon as anyone looks at their code or tests their server.

Cheers,
Brian

[1] Aside: secure servers actually need to do lots more than check signatures. They need good user management, and key management, and XSS-prevention, and XSRF-prevention, and patch management, and physical security, and so on. But that's out of scope for an authentication protocol.

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
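The server-side check Brian describes, as an added illustration that is not part of the thread and not OAuth 1.0's signature base string: the message carries the target the client signed for, and the server must both verify the MAC and compare that stated target against the request it is actually handling. The key, host, paths and the HMAC-over-length-prefixed-fields scheme are all constructed for this example; the "weak" verifier shows the implementation mistake Eran is worried about, the "strict" one the check the proposal requires.

```python
import hmac
import hashlib
from typing import Dict, Tuple

# Constructed shared secret for the example; not a value from the thread.
KEY = b"constructed-example-key"

# A request is (method, host, path, body). The client states these in the
# signed message; the server separately knows the request it actually received.
Request = Tuple[str, str, str, bytes]


def signing_input(req: Request) -> bytes:
    """Serialize the request into the bytes that get signed.

    Each field is length-prefixed so that no two distinct requests share a
    serialization. This is a stand-in for canonicalization, not the real
    OAuth 1.0 base-string construction."""
    method, host, path, body = req
    parts = [method.upper().encode(), host.lower().encode(), path.encode(), body]
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def sign(key: bytes, req: Request) -> str:
    """HMAC-SHA256 over the serialized request, hex encoded."""
    return hmac.new(key, signing_input(req), hashlib.sha256).hexdigest()


def verify_signature_only(key: bytes, stated: Request, sig: str) -> bool:
    """Weak server: recomputes the MAC over the fields the client *stated*
    and never asks whether they describe the request it is handling."""
    return hmac.compare_digest(sign(key, stated), sig)


def verify_with_target_check(key: bytes, stated: Request,
                             actual: Request, sig: str) -> bool:
    """Correct server: the MAC must verify AND the stated target must equal
    the request this server actually received."""
    if not hmac.compare_digest(sign(key, stated), sig):
        return False
    s_method, s_host, s_path, s_body = stated
    a_method, a_host, a_path, a_body = actual
    return (s_method.upper() == a_method.upper()
            and s_host.lower() == a_host.lower()
            and s_path == a_path
            and hmac.compare_digest(s_body, a_body))


def demo() -> Dict[str, bool]:
    """Exercise both verifiers on a signed message whose stated target does
    not match the request being handled (constructed values)."""
    signed_for = ("GET", "api.example.test", "/v1/read", b"")
    sig = sign(KEY, signed_for)
    # What the server is actually processing differs from the stated target.
    received = ("POST", "api.example.test", "/v1/delete", b"")
    return {
        # The weak verifier is satisfied by a valid MAC alone.
        "weak_accepts_mismatch": verify_signature_only(KEY, signed_for, sig),
        # The strict verifier refuses because stated != actual.
        "strict_rejects_mismatch": not verify_with_target_check(
            KEY, signed_for, received, sig),
        # ...but accepts when the stated target is the handled request.
        "strict_accepts_match": verify_with_target_check(
            KEY, signed_for, signed_for, sig),
        # ...and still rejects a bad MAC even when the targets agree.
        "strict_rejects_bad_sig": not verify_with_target_check(
            KEY, signed_for, signed_for, "00" * 32),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point of the two verifiers is the one Brian makes about compliance tests: whether a server performs the target comparison is directly observable, since a message signed for one target presented with a different handled request is either accepted or refused.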
