Problem with nonces and HTTP GET
Andrew Arnott
andrewarnott at gmail.com
Thu Jan 28 14:00:57 UTC 2010
On Wed, Jan 27, 2010 at 10:44 PM, Nat Sakimura <n-sakimura at nri.co.jp> wrote:
> (2010/01/28 14:41), Andrew Arnott wrote:
>
> > On the other hand, I'm not entirely convinced that nonces are all that
> > useful, since any MITM could also conceivably *pre*play the message, and
> > get in anyway. Encryption seems to really be the best/only mitigation.
>
> The assertion is signed, and given that the nonce has a sufficient level of
> entropy and randomness, it should be pretty hard to preplay, is it not?

Thanks, Nat. I hadn't thought of the browser plugin MITM, although as Allen
says, if you have an evil browser plugin, you're already hosed, so it's no
mitigation there either.

As far as the preplay, I'm not talking about guessing the nonce. I'm
referring to the scenario where you *see* the nonce fly by because you're in
the middle (and potentially then with the ability to suppress or suspend the
original request) and thus able to play the HTTP request yourself before the
original ever gets to its destination.
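
The ordering described in the message above, as an added example that is not part of the original message or of any OpenID library: a toy relying party that verifies an HMAC signature and caches response nonces. The class and function names, the secret, the nonce and the 300-second window are all constructed for illustration. It shows that the nonce check depends only on arrival order, and that the held-back original then surfaces as a rejected repeat the relying party can log.

```python
import hashlib
import hmac

SECRET = b"constructed-association-secret"  # constructed sample value
MAX_AGE = 300  # seconds a nonce stays acceptable (assumed window)
NONCE = "2010-01-28T14:00:57ZUNIQUE"        # constructed sample nonce


def sign(fields: str) -> str:
    return hmac.new(SECRET, fields.encode(), hashlib.sha256).hexdigest()


class RelyingParty:
    """Verifies the signature, then accepts each response nonce only once."""

    def __init__(self):
        self.first_seen = {}  # nonce -> client that first presented it
        self.alerts = []      # rejected repeats worth investigating

    def receive(self, client, fields, sig, nonce, issued, now):
        if not hmac.compare_digest(sign(fields), sig):
            return "bad-signature"
        if now - issued > MAX_AGE:
            return "stale"
        if nonce in self.first_seen:
            # Same valid assertion, second arrival: record both parties.
            self.alerts.append((nonce, self.first_seen[nonce], client))
            return "replay-rejected"
        self.first_seen[nonce] = client
        return "accepted"


def run(order):
    """Deliver one constructed signed assertion from each client in `order`."""
    issued = 1000  # constructed issue time, in seconds
    fields = f"claimed_id=https://user.example/&response_nonce={NONCE}"
    sig = sign(fields)  # signature covers the nonce, and is never altered
    rp = RelyingParty()
    results = {c: rp.receive(c, fields, sig, NONCE, issued, issued + i)
               for i, c in enumerate(order)}
    return results, rp.alerts


# Replay: the user's request arrives first, a captured copy arrives later.
replay, _ = run(["user", "interceptor"])
# Preplay: the original is held back and the captured copy arrives first.
preplay, alerts = run(["interceptor", "user"])
```

In the preplay ordering the signature and nonce are both valid for whoever arrives first, so the only trace at the relying party is the alert recorded when the user's own request is rejected.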