[mdx] Joe on 3.1.1

Cantor, Scott cantor.2 at osu.edu
Fri Sep 27 07:36:42 PDT 2013


On 9/27/13 10:24 AM, "Ian Young" <ian at iay.org.uk> wrote:
 
>If the fake IdP resolves the original artifact into an assertion (which
>is going to be signed by the entity in the metadata the SP has just got)
>then I was thinking there might be a possible route to an attack based on
>the contents of that metadata. For example, the SP would believe a Scope
>element if it appeared there. However, the assumption would be that the
>rogue entity had its metadata introduced by some registrar somewhere, so
>that shouldn't be a real problem.

If you start with the premise that the metadata itself is at risk, then
you obviously have many attacks possible, so that doesn't lead to any
useful places.

>Just for interest, was that ever explicitly discussed in the SAML TC when
>the SAML 2.0 artifact format was invented?

The hashing notion dates back to 1.0, and no, I'm sure that like most
standards, use of hashing is just treated as "magic".

Knowing what I know now, I obviously would have pushed to embed hash
agility into it, but of course that adds complexity. The extension point
now is just the artifact type, which amounts to the same thing anyway,
since you'd have to add code to endpoints.

-- Scott
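An added illustration of the point above that the artifact type is the only extension point (not code from this thread or from any SAML implementation). It assumes the type 0x0004 layout from the SAML 2.0 Bindings specification; the entityIDs, message handle and function names are constructed for the example.

```python
import base64
import hashlib
import hmac
import struct

# Assumed layout (SAML 2.0 Bindings, artifact type 0x0004):
# TypeCode(2) | EndpointIndex(2) | SourceID(20) | MessageHandle(20)
TYPE_0004 = 0x0004

def source_id(entity_id):
    """Type 0x0004 fixes SourceID as the SHA-1 hash of the issuer's entityID."""
    return hashlib.sha1(entity_id.encode("utf-8")).digest()

def parse_type_0004(body):
    if len(body) != 40:
        raise ValueError("type 0x0004 body must be exactly 40 bytes")
    return body[:20], body[20:]

# The hash is implied by the type code, so a different hash means a new
# type code and a new entry (new endpoint code) in this table.
PARSERS = {TYPE_0004: parse_type_0004}

def parse_artifact(b64_artifact):
    raw = base64.b64decode(b64_artifact, validate=True)
    if len(raw) < 4:
        raise ValueError("artifact too short for TypeCode and EndpointIndex")
    type_code, endpoint_index = struct.unpack(">HH", raw[:4])
    parser = PARSERS.get(type_code)
    if parser is None:
        raise ValueError(f"unsupported artifact type 0x{type_code:04x}")
    sid, handle = parser(raw[4:])
    return type_code, endpoint_index, sid, handle

def find_issuer(sid, trusted_entity_ids):
    """Map a SourceID back to an entityID taken from trusted metadata."""
    for entity_id in trusted_entity_ids:
        if hmac.compare_digest(source_id(entity_id), sid):
            return entity_id
    return None  # no match: do not attempt artifact resolution

# Constructed sample data, not taken from the thread.
TRUSTED = ["https://idp.example.org/idp", "https://idp.example.net/idp"]

def build_sample_artifact(entity_id=TRUSTED[0], endpoint_index=1):
    handle = bytes(range(20))  # constructed; real handles are random
    raw = struct.pack(">HH", TYPE_0004, endpoint_index) + source_id(entity_id) + handle
    return base64.b64encode(raw).decode("ascii")

if __name__ == "__main__":
    print(find_issuer(parse_artifact(build_sample_artifact())[2], TRUSTED))
```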