>>>>> "Brian" == Brian May <br...@microcomaustralia.com.au> writes:
Brian> Ben Finney wrote:
>> I invite anyone interested in knowing how the distinct areas of
>> identity, trust, and security intersect with the OpenID system,
>> to research the available documentation.
>>
Brian> ...except openid has serious issues with establishing
Brian> identity in a secure manner. Especially if the server
Brian> connects to your identity provider using http (seems to be
Brian> common practise as far as I can tell). Using http makes
Brian> MITM attack easy. Just redirect requests to an identity
Brian> provider that always confirms the user's identity.

I find it deeply ironic that I'm arguing against security. However, let's remember that we're talking about debtags.

It's always important to think about your threat model and about how much complexity you're willing to spend in order to get security. This seems like a case where usability is far more important than security. If the system starts getting abused, we can lock it down more.

If someone proposed using openid to do debian.org password resets or to maintain the keyring, I'd be screaming up and down all over the place. I just don't see that the value of attacking the debtags system warrants increased complexity and decreased usability in this instance.

--Sam