Re: [higgins-dev] PPID generation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [higgins-dev] PPID generation

From: Greg Thompson <thompson@xxxxxxxxxxxxxx>
Date: Fri, 11 May 2007 12:10:41 -0400
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>
Organization: Credentica
User-agent: Thunderbird 2.0.0.0 (Windows/20070326)

Michael McIntosh wrote:

No. There is no master key associated with a managed card. Only personalcards have master keys, for personal cards the master key is generatedwhen the car dis created).

This was certainly my understanding as well, but now that I re-read4.3.4.1 of "A Technical Reference for the Information Card Profile V1.0"it sounds like ic:HashSalt and ic:MasterKey are required for a managedcard. This wouldn't be the first inconsistency in that doc, though...

According to the CardSpace Tech Ref, this is the algorithm for PPIDcalculation (note the absense of master key, which is used for selfsigning key pair generation):

What version of the tech ref are you looking at? Mine (v1.0 of December2006) has this as section 7.5.2, not 7.4.2. In any case, however, thisis the calculation used by CardSpace for self-issued cards, not managedcards (Section 7 is the "Simple Identity Provider Profile").

my question is this, can a rp be tricked by someone trying togenerate a PPID for someone elses card. Is it all dependent on theunique cardid ? it seems like this algorithem could easilyreplicate a PPID if you know the RP you are going to, and the cardidnaming scheme used by the users card provider. I must be wrong...

If we're talking about self-issued cards, the ic:CardId should beunpredictable. For managed cards, you'd (obviously) need the IdP'scooperation.

If you have a CardId and an RP SSL Certificate (or RP Identifier), youhave all that you need to compute the PPID for that Card::RP pair.
So the right questions are:
1) Can a Client trick an IdP into generating a Token containing ANYarbitrary PPID?
Yes.

As you mention later in your message, Mike, that's really a conditional"Yes." The correct answer is: Yes if the card's ic:RequireAppliesToelement is absent or has the Optional attribute set to "true" and the RPdoesn't include wsp:AppliesTo in its sp:RequestSecurityTokenTemplate.

Alleviating the trickery problem by giving the IdP "token scopeinformation" has significant drawbacks for RPs, not the least of whichis that they are subject to selective impersonation attacks: an insiderat the IdP can pretend to be any of its users. Add to that the factthat RPs lose their autonomy w.r.t. the IdP (bad for user privacy aswell). Makes you think there must be a better way, huh?

--
		Greg Thompson
		Credentica

References:
- RE: [higgins-dev] PPID generation
  - From: Michael McIntosh

Prev by Date: Re: [higgins-dev] IdAS repackage. Take 1
Next by Date: RE: [higgins-dev] PPID generation
Previous by thread: RE: [higgins-dev] PPID generation
Next by thread: RE: [higgins-dev] PPID generation
Index(es):
- Date
- Thread

Breadcrumbs