[OpenID] On the portability of identifiers
SitG Admin
sysadmin at shadowsinthegarden.com
Thu Nov 6 16:36:37 UTC 2008
>identifier. Disavowal triggers communication to the disavowed identifier's
>contact. If an attacker subverted Identifier B and disabled Identifier A
>on the RP site, the RP would do something like email the contact for
>Identifier A. So the user would know that B had been compromised. From
With privacy controls (configurable notifications), this would be
good. Automatically notifying a work-related Identifier could result
in employers (and/or fellow employees!) knowing the non-work
Identifier *and* an RP it had been used at; also, those with access to
the E-mail might delete it (especially if *they* were the ones who
compromised another Identifier!), assuming the user didn't have one
of those "access locally but delete at home only" custom privilege
sets for using their personal E-mail to handle messages with the
"work" namespace :)
-Shade