[OpenID] OpenId Association Timeout Recommendations

David Fuelling sappenin at gmail.com
Wed Feb 7 21:36:17 UTC 2007


Thanks for clarifying.  You're right, there is a MITM vulnerability with
Direct Verification, especially if the Direct Verification is done in the
clear (i.e., no SSL/TLS transport).

However, the spec seems to indicate that if SSL/TLS is used, then Direct
Verification is ok (Section 15.1.2, first line of 2nd paragraph).  Do you

(I'm trying to figure out if Direct Verification is broken in general, or
only if OpenId is done without SSL/TLS)
> The main attack is when the OP sends "invalid" and Mallory changes
> that to "valid".  The RP would then believe Alice has authenticated
> to OP, and thus let Mallory successfully impersonate Alice on the RP's
> system.  (There is no feedback step to the OP, so the OP never sees
> this attack.)


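As an added illustration (not code from this thread, the OpenID project, or the spec), the following Python sketch contrasts the two verification paths the message is weighing: stateless direct verification (check_authentication), where the RP's decision rests on a single `is_valid` line coming back from the OP, and stateful verification through an association, where the RP recomputes the HMAC over the signed fields itself and never has to trust a post-assertion message from the network. The association handle, secret, endpoint URLs and field values are all constructed placeholders; the key-value form and HMAC-SHA256 signing follow the OpenID 2.0 assertion format, and the TLS gate on the direct path mirrors the Section 15.1.2 advice the message cites.

```python
import base64
import hashlib
import hmac

# Constructed placeholders for an HMAC-SHA256 association (not real values).
ASSOC_HANDLE = "constructed-assoc-handle"
ASSOC_SECRET = b"0123456789abcdef0123456789abcdef"


def kv_form(fields, signed_keys):
    """Key-Value form of the signed fields: one 'key:value\\n' line per name
    listed in openid.signed, in that order, with the 'openid.' prefix removed."""
    return "".join(f"{k}:{fields['openid.' + k]}\n" for k in signed_keys)


def sign_assertion(fields, secret):
    """Base64 HMAC-SHA256 over the key-value form, as the OP computes openid.sig."""
    signed_keys = fields["openid.signed"].split(",")
    mac = hmac.new(secret, kv_form(fields, signed_keys).encode("utf-8"),
                   hashlib.sha256).digest()
    return base64.b64encode(mac).decode("ascii")


def verify_with_association(fields, secret):
    """Stateful verification: the RP recomputes the signature from the shared
    association secret. No response travels from the OP after the assertion,
    so there is no 'valid'/'invalid' message for a man-in-the-middle to rewrite."""
    try:
        expected = sign_assertion(fields, secret)
    except KeyError:
        return False  # a required signed field is missing
    return hmac.compare_digest(expected, fields.get("openid.sig", ""))


def parse_kv_response(body):
    """Parse a direct-response body (one 'key:value' per line) into a dict."""
    out = {}
    for line in body.split("\n"):
        if not line:
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed key-value line: {line!r}")
        out[key] = value
    return out


def accept_direct_verification(body, over_tls):
    """Stateless verification (check_authentication). The whole decision is the
    OP's is_valid line, so the RP only trusts it when the direct request went
    over TLS to a verified certificate; in the clear the line can be rewritten."""
    if not over_tls:
        return False
    return parse_kv_response(body).get("is_valid") == "true"


def constructed_assertion():
    """A constructed positive assertion, signed under the placeholder association."""
    fields = {
        "openid.ns": "http://specs.openid.net/auth/2.0",
        "openid.mode": "id_res",
        "openid.op_endpoint": "https://op.example/endpoint",
        "openid.claimed_id": "https://alice.example/",
        "openid.identity": "https://alice.example/",
        "openid.return_to": "https://rp.example/return",
        "openid.response_nonce": "2007-02-07T21:36:17ZCONSTRUCTED",
        "openid.assoc_handle": ASSOC_HANDLE,
        "openid.signed": "op_endpoint,claimed_id,identity,return_to,"
                         "response_nonce,assoc_handle",
    }
    fields["openid.sig"] = sign_assertion(fields, ASSOC_SECRET)
    return fields


if __name__ == "__main__":
    assertion = constructed_assertion()
    print("association check:", verify_with_association(assertion, ASSOC_SECRET))
    body = "ns:http://specs.openid.net/auth/2.0\nis_valid:true\n"
    print("direct over TLS:", accept_direct_verification(body, over_tls=True))
    print("direct in the clear:", accept_direct_verification(body, over_tls=False))
```

The point the two paths make concrete: with an association, an altered identity or claimed_id fails the local HMAC check regardless of transport, whereas the stateless path has nothing to check except the OP's word, which is why the transport carrying that word has to be TLS.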