Proposal: An anti-phishing compromise
john kemp
john.kemp at mac.com
Fri Feb 2 20:04:38 UTC 2007
Johnny Bufu wrote:
...
>>
>> If the OP has stolen the user's credentials, it can just say
>> "phishable = no" and pass its assertion regarding those credentials to the RP.
>
> And the RP (being now a legitimate one), will perform verification on
> the assertion and will fail as it is not coming from the legitimate /
> authoritative OP.
Sure, but then the (former) rogue OP will take the user's credentials
and log in, as the user, at the user's real OP (which will be
authoritative). The OP will assert that the user is logged in, and that
the credentials weren't phished.
>
...
> Since the "rogue OP" is not authoritative for the phished user at any
> other RP, I rather see it as an extension of the rogue RP; it's
> basically the rogue RP that's proxying the output from the legitimate
> OP, so in a sense there's no real "rogue OP".
Yes, I see your point, but after the OP is no longer rogue (is "just a
user"), it has both the user's OpenID and her credentials.
- John
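The two scenarios argued above, as an added example that is not part of the thread or of any OpenID implementation. It is a deliberately simplified model (assumed: HMAC-SHA256 association keys shared between OP and RP, a "phishable" field set by the OP, and a discovery table mapping a claimed identifier to its authoritative OP; all names, keys and the user's password are constructed). The RP rejects an assertion the rogue OP signs itself, even when the rogue OP claims the legitimate endpoint (Bufu's point), but it cannot distinguish an assertion the real OP signs after the captured password is replayed from an honest login (Kemp's point), because the "phishable = no" flag is set by whichever OP received the password.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed sample data: one user, one legitimate OP, one rogue OP, one RP.
USER = "alice"
PASSWORD = "hunter2"
CLAIMED_ID = "https://alice.example/"
LEGIT_OP = "https://op.example/"
ROGUE_OP = "https://rogue-op.example/"
RP_URL = "https://rp.example/"
LEGIT_ASSOC_KEY = b"legit-association-key"  # shared OP<->RP via an association (assumed)
ROGUE_ASSOC_KEY = b"rogue-association-key"


def canonical(assertion: dict) -> bytes:
    """Bytes covered by the signature: every field except the signature itself."""
    fields = {k: v for k, v in assertion.items() if k != "sig"}
    return json.dumps(fields, sort_keys=True).encode()


def sign(key: bytes, assertion: dict) -> str:
    return hmac.new(key, canonical(assertion), hashlib.sha256).hexdigest()


@dataclass
class OpenIDProvider:
    """An OP: checks a password and returns a signed positive assertion."""
    endpoint: str
    passwords: dict          # username -> password
    association_key: bytes

    def authenticate(self, username: str, password: str, return_to: str):
        if self.passwords.get(username) != password:
            return None
        assertion = {
            "op_endpoint": self.endpoint,
            "claimed_id": f"https://{username}.example/",
            "return_to": return_to,
            "phishable": "no",  # the flag discussed in the thread, set by the OP itself
        }
        assertion["sig"] = sign(self.association_key, assertion)
        return assertion


@dataclass
class RelyingParty:
    """An RP: accepts an assertion only if the authoritative OP signed it."""
    url: str
    discovery: dict      # claimed_id -> authoritative OP endpoint (assumed discovery result)
    associations: dict   # OP endpoint -> association key

    def verify(self, assertion) -> bool:
        if assertion is None:
            return False
        authoritative = self.discovery.get(assertion["claimed_id"])
        if authoritative is None or authoritative != assertion["op_endpoint"]:
            return False  # signed by an OP that is not authoritative for this user
        if assertion["return_to"] != self.url:
            return False
        key = self.associations.get(authoritative)
        if key is None:
            return False
        return hmac.compare_digest(sign(key, assertion), assertion["sig"])


def build_world():
    legit_op = OpenIDProvider(LEGIT_OP, {USER: PASSWORD}, LEGIT_ASSOC_KEY)
    # The rogue OP knows alice's password only because she typed it there.
    rogue_op = OpenIDProvider(ROGUE_OP, {USER: PASSWORD}, ROGUE_ASSOC_KEY)
    rp = RelyingParty(RP_URL, {CLAIMED_ID: LEGIT_OP}, {LEGIT_OP: LEGIT_ASSOC_KEY})
    return legit_op, rogue_op, rp


def run_scenarios() -> dict:
    legit_op, rogue_op, rp = build_world()

    # 1. Honest login: alice authenticates at her real OP.
    honest = rp.verify(legit_op.authenticate(USER, PASSWORD, RP_URL))

    # 2. Bufu's point: the rogue OP signs its own "phishable = no" assertion...
    own = rogue_op.authenticate(USER, PASSWORD, RP_URL)
    rogue_self = rp.verify(own)
    # ...and even if it claims the authoritative endpoint, the signature is wrong.
    forged = dict(own)
    forged["op_endpoint"] = LEGIT_OP
    forged["sig"] = sign(ROGUE_ASSOC_KEY, forged)
    rogue_forged = rp.verify(forged)

    # 3. Kemp's point: the captured password is presented to the real OP, which
    #    signs a valid assertion; the RP sees exactly what it saw in scenario 1.
    replay = rp.verify(legit_op.authenticate(USER, PASSWORD, RP_URL))

    return {"honest": honest, "rogue_self_signed": rogue_self,
            "rogue_forged_endpoint": rogue_forged, "credential_replay": replay}


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name:24s} accepted by RP: {accepted}")
```

The model makes the design consequence visible: signature verification at the RP only binds an assertion to the authoritative OP, not to how that OP came to receive the password, so a self-declared "phishable" flag adds no assurance the RP can check.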