[OpenID] Trust + Security @ OpenID

Peter Williams pwilliams at rapattoni.com
Mon Jul 9 00:30:28 UTC 2007


OpenID is not a trust system. It's a proof system (which is worse). It claims that a cryptographic proof allows a verifier to determine that a Provider on the net has established that user X owns/controls identifier I. This is not a new line of research, note, so no need to rush out on the patent front, folks! Research into trusted name servers/services for the internet dates back to the mid-80s.
 
Cryptographic proof systems (based on DH or any other scheme using public-key crypto) almost always leverage automated trust systems as an underlying mechanism. The nature of public-key algorithms is such that one must have a means of distributing the public key (or DH partial) in a trustworthy manner. Otherwise, attackers spoof the keys/DH partials to spoof the crypto, to spoof the proof, to spoof the central claim of OpenID.
 
The two questions folks are repeatedly asking are:

1. Should there be varying grades of protection for the delivery of the proof statement ("assurance levels")?

2. Should there be varying grades of proof offered ("denoting the 'strength' of user auth/control")?
 
 
1 seems already answered. OpenID 2.0 designs already decide to offer two cryptographic strength options for the MACing process: SHA and SHA-256. OpenID 2.0 also now recommends direct-mode communication of association setup, avoiding the need to evaluate whether the user's browser is trustworthy when redirecting the message flow over two back-to-back HTTPS channels.
 
2 seems to be "in proposal".
 
What is missing is the ability for the RP, within the same protocol session, to reject the assertion claiming proof strength X, sending it back requiring "Y or better".
________________________________

From: general-bounces at openid.net on behalf of Simon Willison



From http://openid.net/about.bml

"""
What about spam?

Again, this is not a trust system.
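The two points in the post above that lend themselves to working code are the DH-based association (and why a spoofed DH partial defeats the proof) and the SHA / SHA-256 strength choice for the MAC. The following is an added example, not code from the post, the thread, or the OpenID project. It follows the OpenID 2.0 shape: the OP masks a fresh MAC key with H(btwoc(g^xy mod p)), the RP unmasks it, and positive assertions are HMACs over the key-value form of the signed fields. Assumptions: the RFC 2409 group 2 modulus stands in for the spec's default modulus (the arithmetic is the same, only the constant differs); the endpoint URLs, nonce, handle and identities are constructed sample values; and the attacker model is an association exchange carried over a channel that authenticates neither party's DH partial.

```python
"""OpenID 2.0-style DH association, HMAC-signed assertion, and a relaying
attacker.  Added example, not OpenID project code."""
import base64
import hashlib
import hmac
import secrets

# RFC 2409 group 2 (1024-bit MODP) stands in for the spec's default modulus;
# only the constant differs, the arithmetic is identical.  Assumption.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2
# The two strength options: SHA-1 or SHA-256 for both the DH secret hash
# (session type) and the assertion MAC (association type).
HASHES = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256}


def btwoc(n: int) -> bytes:
    """Big-endian two's-complement bytes of a non-negative int (spec 4.2)."""
    return n.to_bytes((n.bit_length() + 8) // 8, "big")


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def kv_form(params: dict, signed: list) -> bytes:
    """Key-Value form of the signed fields, 'openid.' prefix removed (spec 4.1.1)."""
    return "".join(f"{k}:{params['openid.' + k]}\n" for k in signed).encode()


class Party:
    """One DH endpoint (RP, OP, or attacker) with a fresh private exponent."""
    def __init__(self, alg="SHA256"):
        self.h = HASHES[alg]
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)

    def mask(self, other_pub: int) -> bytes:
        """H(btwoc(g^xy mod p)): the pad that hides the MAC key in transit."""
        return self.h(btwoc(pow(other_pub, self.priv, P))).digest()


def op_associate(op: Party, consumer_pub: int):
    """OP side of the association: returns (response fields, the MAC key it kept)."""
    mac_key = secrets.token_bytes(op.h().digest_size)
    resp = {"assoc_handle": "demo-handle", "dh_server_public": op.pub,
            "enc_mac_key": base64.b64encode(xor(mac_key, op.mask(consumer_pub))).decode()}
    return resp, mac_key


def rp_recover_mac_key(rp: Party, resp: dict) -> bytes:
    """RP side: unmask enc_mac_key with its own view of the shared secret."""
    return xor(base64.b64decode(resp["enc_mac_key"]), rp.mask(resp["dh_server_public"]))


def positive_assertion(mac_key: bytes, handle: str, identity: str, alg="SHA256") -> dict:
    """Build and sign an id_res response the way an OP would (constructed sample data)."""
    p = {"openid.ns": "http://specs.openid.net/auth/2.0", "openid.mode": "id_res",
         "openid.op_endpoint": "https://op.example/auth", "openid.claimed_id": identity,
         "openid.identity": identity, "openid.return_to": "https://rp.example/finish",
         "openid.response_nonce": "2007-07-09T00:30:28Zabc", "openid.assoc_handle": handle}
    signed = ["op_endpoint", "return_to", "response_nonce", "assoc_handle",
              "claimed_id", "identity"]
    p["openid.signed"] = ",".join(signed)
    p["openid.sig"] = base64.b64encode(
        hmac.new(mac_key, kv_form(p, signed), HASHES[alg]).digest()).decode()
    return p


def verify(mac_key: bytes, p: dict, alg="SHA256") -> bool:
    """RP check: recompute the MAC over exactly the fields listed in openid.signed."""
    signed = p["openid.signed"].split(",")
    expected = hmac.new(mac_key, kv_form(p, signed), HASHES[alg]).digest()
    return hmac.compare_digest(base64.b64encode(expected).decode(), p["openid.sig"])


def honest_run(alg="SHA256") -> bool:
    """RP and OP associate directly; the OP's assertion verifies at the RP."""
    rp, op = Party(alg), Party(alg)
    resp, op_key = op_associate(op, rp.pub)
    rp_key = rp_recover_mac_key(rp, resp)
    assertion = positive_assertion(op_key, resp["assoc_handle"], "https://alice.example/", alg)
    return rp_key == op_key and verify(rp_key, assertion, alg)


def mitm_run(alg="SHA256") -> bool:
    """Nothing authenticates whose DH partial is whose: the attacker runs one DH
    with the OP and another with the RP, learns the MAC key, and forges a proof."""
    rp, op = Party(alg), Party(alg)
    face_op, face_rp = Party(alg), Party(alg)          # attacker's two partials
    resp, _ = op_associate(op, face_op.pub)            # OP pairs with the attacker
    mac_key = rp_recover_mac_key(face_op, resp)        # attacker unmasks the key
    resp["dh_server_public"] = face_rp.pub             # substitute the partial...
    resp["enc_mac_key"] = base64.b64encode(xor(mac_key, face_rp.mask(rp.pub))).decode()
    rp_key = rp_recover_mac_key(rp, resp)              # ...and the RP unmasks it happily
    forged = positive_assertion(mac_key, resp["assoc_handle"], "https://victim.example/", alg)
    return rp_key == mac_key and verify(rp_key, forged, alg)
```

honest_run() returns True, and so does mitm_run(): the forged assertion for an identity the OP never authenticated passes the RP's MAC check, because the DH partials the RP received were the attacker's. Swapping "SHA256" for "SHA1" changes the digest and key length but not this outcome, which is the post's point that the hash option addresses MAC strength, not key distribution. What closes the gap is binding the association response to an authenticated endpoint (the direct-mode, server-authenticated HTTPS exchange the post mentions), so the RP knows whose dh_server_public it is unmasking with.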





