[dix] Re: [Ietf-http-auth] Notes on Web authentication enhancements





On 23-Jun-06, at 9:17 PM, Eric Rescorla wrote:

In DIX, the RP includes a nonce in the request, which must then also be in the nonce, which would prevent replay attacks, assuming the RP is managing nonce state, would it not?

Only if each authentication token is only single-use. Otherwise, an attacker can replay it during the validity period. Even then, cut-and-paste attacks are still possible if you block the initial request.

My understanding of the definition of a nonce is that it is single-use.
Would you humour me with an explanation of a cut-and-paste attack per above?


I saw the security risk here being the reliance on DNS for identity
of the IdP in the verification step.

Hmm.... I think this depends on the design. If you're using SSL/TLS, you should be able to block most attacks of this class, provided you have a CRA authentication method...

Agreed.

On a related note, the primary security threat I saw with DIX was how the user knows they are at their IdP. DIX considers that out of band, as there does not need to be a standard way of doing it for DIX; each IdP could do it a different way. Given that this is a place the user is visiting often, whose purpose is to make sure the user knows they are at the IdP and that the IdP has certainty it is the user, the investment in stronger authN for both the user and the site is worthwhile.

-- Dick
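As an added illustration of the nonce-state point discussed above (this is not code from the thread, from DIX, or from either author), here is an RP-side verifier that issues a fresh nonce per request and accepts a token carrying that nonce exactly once. The token format (JSON body plus HMAC under a key shared between IdP and RP) and the expiry window are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import json
import os
import time


class RelyingParty:
    """RP that tracks the nonces it issued so each token is accepted once."""

    def __init__(self, shared_key: bytes, ttl: float = 300.0):
        self.key = shared_key          # assumed IdP/RP shared HMAC key
        self.ttl = ttl                 # assumed validity window in seconds
        self.pending = {}              # nonce -> time issued; removed on first use

    def new_request(self) -> str:
        """Mint an unpredictable nonce and remember it as outstanding."""
        nonce = base64.urlsafe_b64encode(os.urandom(16)).decode()
        self.pending[nonce] = time.time()
        return nonce

    def verify(self, token: str, now: float = None) -> str:
        """Return 'ok:<user>' for a fresh, intact token, else a rejection reason."""
        now = time.time() if now is None else now
        body, sig = token.rsplit(".", 1)
        expected = hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):
            return "bad-signature"
        claims = json.loads(body)
        # pop() makes the nonce single-use: a second presentation finds nothing.
        issued = self.pending.pop(claims.get("nonce"), None)
        if issued is None:
            return "unknown-or-replayed-nonce"
        if now - issued > self.ttl:
            return "expired"
        return "ok:" + claims["user"]


def idp_issue(shared_key: bytes, user: str, nonce: str) -> str:
    """Constructed stand-in for the IdP: echo the RP's nonce in a signed token."""
    body = json.dumps({"user": user, "nonce": nonce}, sort_keys=True)
    return body + "." + hmac.new(shared_key, body.encode(), hashlib.sha256).hexdigest()
```

Single use only guarantees that the first presentation of a token wins; it does not tell the RP which party presented it, which is the cut-and-paste concern raised above.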





