[security] security hole in signature algorithm
Josh Hoyt
josh at janrain.com
Mon Nov 20 01:13:55 UTC 2006
On 11/19/06, Dick Hardt <dick at sxip.com> wrote:
> By manipulating the return_to parameter, an attacker can impersonate
> another user at an RP.
It's hard to do a careful reading of your message with my 2-year-old
playing piano in the background, but I don't think I understand your
attack.
I don't see any KV form strings in your description, and those are the
things that get signed. In KV form, the pairs are indeed suffixed with
a newline, which is the reason that newlines are not allowed.
The x-www-urlencoded string:
foo=bar&baz=quux
looks like:
foo:bar
baz:quux
in KV form.
Am I missing something?
Josh
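As an added illustration of the KV form Josh describes (not code from this thread or from any OpenID library), the encoder below builds the "key:value\n" string that gets signed, refuses keys or values containing a newline, and shows the HMAC-SHA1 signature an OpenID 1.x provider computes over the signed fields; the secret and field values are constructed for the demo.

```python
import base64
import hashlib
import hmac

# KV form: each pair becomes "key:value\n". A newline inside a key or
# value would terminate one pair and start another, so two different
# inputs could serialize to the same signed string; that is why the
# format forbids newlines (and ':' in keys).

def is_valid_pair(key, value):
    """True if the pair can be represented unambiguously in KV form."""
    return "\n" not in key and ":" not in key and "\n" not in value

def kv_encode(pairs):
    """Serialize an ordered list of (key, value) pairs to KV form."""
    out = []
    for key, value in pairs:
        if not is_valid_pair(key, value):
            raise ValueError("not representable in KV form: %r" % ((key, value),))
        out.append("%s:%s\n" % (key, value))
    return "".join(out)

def kv_decode(text):
    """Parse KV form back into a list of (key, value) pairs."""
    pairs = []
    for line in text.split("\n"):
        if not line:
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed KV line: %r" % line)
        pairs.append((key, value))
    return pairs

def sign(secret, fields, signed_keys):
    """Base64 HMAC-SHA1 over the KV form of the named fields, in order."""
    pairs = [(k, fields[k]) for k in signed_keys]
    mac = hmac.new(secret, kv_encode(pairs).encode("utf-8"), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode("ascii")

# Constructed sample: fields an RP would see in an OpenID response.
SECRET = b"constructed-shared-secret"
FIELDS = {"mode": "id_res", "identity": "http://alice.example/",
          "return_to": "http://rp.example/finish?foo=bar&baz=quux"}
SIGNED = ["mode", "identity", "return_to"]

if __name__ == "__main__":
    print(kv_encode([("foo", "bar"), ("baz", "quux")]), end="")
    print(sign(SECRET, FIELDS, SIGNED))
```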