[security] Making phishing hard without changing UA side protocol
Hans Granqvist
hgranqvist at verisign.com
Tue Jan 23 21:12:02 UTC 2007
Tan, William wrote:
> Hans Granqvist wrote:
>> Just some quick thinking how phishing for passwords can
>> be diminished without severely changing the protocol or
>> enforcing UA plugins, etc.
>>
>> 1. The OP requires:
>> -- a RP must associate before the OP accepts it
>> (as a return_to/trustroot).
>> -- before OP allows such association, the RP must
>> provide an acceptable XRDS file(*).
>>
> How would this help password phishing where the RP is rogue so it's not
> even going to bother contacting the OP at all?
>
Slight confusion:
(1) and (2) were not meant to be alternatives, but should
be in place together.
Given (2), (1) asserts that the RP is acceptable to the
OP, and thus shifts "good/bad RP" liability from the user
to the OP.
>> 2. The OP refuses to do a login at the same time
>> as an authentication. The user must be logged in
>> beforehand.
>>
>> Of course, 2. is a user education, but maybe not that
>> hard to teach?
>>
> This would be fairly inconvenient unless complimented with something
> else that others on the list have suggested, e.g.:
> - bookmarklet that opens up a new page to authenticate
> - some sort of plug-in that logs you in automatically
> - external authentication
>
>
> =wil
More information about the security
mailing list