[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
RE: [higgins-dev] Attack on CardSpace possible with CloudSelector?

If you can convince a user to connect to and disclose his credentials to a false cloud selector, you can access the real selector as that user.

Michael McIntosh
VP Development

-----Original Message-----
From: higgins-dev-bounces@xxxxxxxxxxx [mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of Jonathan Tellier
Sent: Sunday, March 28, 2010 7:18 PM
To: Higgins (Trust Framework) Project developer discussions; John Bradley
Subject: Re: [higgins-dev] Attack on CardSpace possible with CloudSelector?


I think that what you say makes sense, but there's a part that I don't

> I think the Higgins cloud selector would be compromised by performing a DNS attack on the selector service as the easiest route.

Maybe I'm missing something, but I thought that the token does not go directly to the RP. It is sent to the browser that then sends it to the RP. Maybe I'm not getting the process right though... If the cloud selector does not communicate directly to the RP, how would compromising its DNS server help an attacker?

higgins-dev mailing list