John,
Looking at the last diagram, and the discussion on keeping the
acquisition of assertions separate from presenting those, I have this
basic question (could also be due to my lack of knowledge of SAML
assertions :-)):
When a user needs to present the identity assertion, and the "over 21
assertion" from the ID agent, what prevents a man-in-the-middle from
mixing and matching assertions? Example: What if I have browser code to
take my ID assertion from the ID agent, and someone else's "Over 21"
assertion (which I probably captured by posing as a relying party), and
passed it on to the relying party. Is this scenario possible? Is there
a restriction on who can present an assertion in the assertion itself?
Thanks and Regards,
Haripriya S.
>>> John Merrells <merrells at sxip.com> 06/06/06 3:27 am >>>
On 5-Jun-06, at 2:42 PM, Eric Rescorla wrote:
>
> I'm still not sure I get what you're saying. Let me see if I can
> try again looking at the flows of data.
>
>
> OPTION 1: What I take DIX to be doing
Yes, this interaction diagram is correct.
> Client                     IdP                    Relying Party
>
>   ------------------------- Service Please ------------------>
>   <------------------------ Prove you're over 21--------------
>
>   <------- Auth exchange ------>
>   <------- Over 21 credential--
>
>   <------------------ Auth exchange plus over 21 cred ------->
Assuming that at some point earlier the user acquired an over 21
assertion from an appropriate authority.

Client                  Identity Agent                  Authority

  ------------------------- Service Please ------------------>
  <--- Auth/Verify exchange, maybe even out of band ---------->
  <------- Over 21 credential---------------------------------
  <--------- Over 21 cred ---->
John
_______________________________________________
dix mailing list
dix at ietf.org
https://www1.ietf.org/mailman/listinfo/dix
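The mix-and-match question above comes down to what a relying party checks before it accepts two assertions together. The following is an added example, not code from the thread or from any DIX/SAML implementation: it models the checks SAML assertions make possible (the issuer's signature over the whole assertion, the Subject/NameID, the AudienceRestriction naming the intended relying party, and the NotBefore/NotOnOrAfter validity window) and shows that a relying party which applies them rejects each of the scenarios Haripriya describes. The issuer names, subject names, relying-party identifiers and the HMAC secrets are constructed for the demo; an HMAC stands in for the XML-DSig signature a real authority would apply.

```python
import hashlib
import hmac
import json

# Constructed demo secrets. A real SAML authority signs assertions with
# an X.509 key pair (XML-DSig); an HMAC secret shared with the relying
# party stands in for that here so the example runs offline.
ISSUER_KEYS = {
    "id-agent.example": b"id-agent-demo-key",
    "over21-authority.example": b"over21-authority-demo-key",
}


def _canonical(body):
    # Deterministic serialisation so the signature covers exactly these fields.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue(issuer, subject, audience, claims, now, lifetime=300):
    """Issuer binds subject, audience and validity window into one signed blob."""
    body = {
        "issuer": issuer,
        "subject": subject,                  # SAML <Subject>/<NameID>
        "audience": audience,                # SAML <Conditions><AudienceRestriction>
        "not_before": now,                   # SAML Conditions NotBefore
        "not_on_or_after": now + lifetime,   # SAML Conditions NotOnOrAfter
        "claims": claims,
    }
    sig = hmac.new(ISSUER_KEYS[issuer], _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "signature": sig}


def check_assertion(assertion, rp_id, now):
    """Return None if acceptable for this RP right now, else the reason it is not."""
    body = assertion["body"]
    key = ISSUER_KEYS.get(body["issuer"])
    if key is None:
        return "untrusted issuer"
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, assertion["signature"]):
        return "signature does not verify"   # any edited field breaks it
    if body["audience"] != rp_id:
        return "audience restriction names a different relying party"
    if not body["not_before"] <= now < body["not_on_or_after"]:
        return "outside validity window"
    return None


def accept(identity_assertion, over21_assertion, rp_id, now):
    """Relying party's decision: both assertions valid for us AND about the same subject."""
    for label, a in (("identity", identity_assertion), ("over21", over21_assertion)):
        reason = check_assertion(a, rp_id, now)
        if reason:
            return False, f"{label} assertion rejected: {reason}"
    if identity_assertion["body"]["subject"] != over21_assertion["body"]["subject"]:
        return False, "over21 assertion is about a different subject than the identity assertion"
    if not over21_assertion["body"]["claims"].get("over21"):
        return False, "over21 claim not present"
    return True, f"{identity_assertion['body']['subject']} is over 21"


def demo(now=1_000_000.0):
    """Honest presentation plus the mix-and-match cases from the question."""
    rp = "bar.example"
    my_id = issue("id-agent.example", "haripriya", rp, {"authn": "password"}, now)
    my_over21 = issue("over21-authority.example", "haripriya", rp, {"over21": True}, now)
    # Someone else's over-21 assertion, legitimately issued to them for this RP.
    theirs = issue("over21-authority.example", "alice", rp, {"over21": True}, now)
    # An assertion captured by posing as a different relying party.
    captured = issue("over21-authority.example", "alice", "fake-rp.example", {"over21": True}, now)
    # Their assertion with the subject field rewritten to mine.
    tampered = json.loads(json.dumps(theirs))
    tampered["body"]["subject"] = "haripriya"
    return {
        "honest": accept(my_id, my_over21, rp, now),
        "mix_and_match": accept(my_id, theirs, rp, now),
        "captured_at_other_rp": accept(my_id, captured, rp, now),
        "rewritten_subject": accept(my_id, tampered, rp, now),
        "replayed_later": accept(my_id, my_over21, rp, now + 3600),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:22s} {'ACCEPT' if ok else 'REJECT'}: {why}")
```

The point the example makes: an assertion does not by itself stop anyone from presenting it, but a signed subject plus an audience restriction lets the relying party refuse one that was issued about a different person or to a different relying party, and the signature stops the subject field from being edited to match. What it does not cover is the case where the same honest user's own assertion is captured and replayed to the intended relying party; SAML handles that with short validity windows and with SubjectConfirmation (bearer confirmation tied to the response, or holder-of-key confirmation tied to a key the client proves possession of).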