As long as you verify the signature on the token, any edits made to the text will fail validation (since the new values will generate a different signature). So the signature itself prevents this kind of abuse. Encryption of the signed values is not necessary for verification.
All that encryption adds is hiding the values themselves (owner id, viewer id, module id, app id, domain, app url), which given the values and the fact that they're probably available in many other ways, I'm wondering what the benefit of hiding those is. --Gary On Thu, May 22, 2008 at 12:10 PM, Chris Chabot <[EMAIL PROTECTED]> wrote: > Absolutely. > > Say that you have a gadget "i have a crush on", and someone fakes being you > (since the token is plain text thats easy, just replace a number), and lists > you as having a crush on your boss ..... embarrassing! > > And that's just from a 'silly game' point of view, imagine you had a > business app that you used to schedule meetings, someone faking your ID > could spam "buy <member enlarging medicine> at this site!" to all your > business contacts... thats beyond embarrassing, that's a business risk! > > Absolutely worst case, you have some gadget that is linked to some financial > source like a credit card, the potential damages there are huge. > > So yes ... verifiable identity and making this identity tamper proof is > serious business and absolutely required in any real life situations. > > -- Chris > > On May 22, 2008, at 5:24 PM, Gary Helmling wrote: > >> is there any reason that most implementations would >> need that here? > >
