[Openid-specs-risc] Final security analysis
Shayne Miel (smiel)
smiel at cisco.com
Thu Aug 29 18:59:42 UTC 2024
Hello working group members. You may recall that earlier this year we engaged a research team from the Institute of Information Security at the University of Stuttgart, Germany to analyze the security properties of the Shared Signals Framework. We are happy to announce that this work has been completed. The final report can be downloaded from this link: https://github.com/user-attachments/files/16762914/2024-08-26_WP4.1b-Report.pdf
As a last step, the working group is being asked to formally approve the report. We will take an official poll during the working group meeting on September 10th. For anyone who is not able to attend, if you wish to voice an opinion, feel free to share it via this email list.
The best way to understand this report is to start with section 4. In that section, the researchers list the security properties that they are proving given the assumptions made in section 2. The appendix contains the formal mathematics of the proofs, and section 3 contains a short list of recommendations unrelated to the proofs.
Please let me know if you have any questions,
Shayne
[cid:c15c1694-b4cc-4db7-83ad-587e4aa1974e]
[https://duo.com/assets/img/email/spacer.gif]
Shayne Miel / Principal Engineer (he, him, his)
smiel at cisco.com<mailto:smiel at cisco.com>
(919) 923-6230
cisco.com<https://www.cisco.com/site/us/en/products/security/index.html>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240829/eff30c31/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-3hnuuyry.png
Type: image/png
Size: 13713 bytes
Desc: Outlook-3hnuuyry.png
URL: <http://lists.openid.net/pipermail/openid-specs-risc/attachments/20240829/eff30c31/attachment-0001.png>
More information about the Openid-specs-risc
mailing list