Subject: Re: Indexical reference problem defined
Hal,

Just a question to one part of this:

> What are the threats to a claim check? There are basically two: interception
> and guessing or deriving its value.

Aren't there some http re-direct based attacks against cookies? Been a while since I worked this through, and maybe current browsers are better, but it certainly used to be possible for badguy.com to issue a re-direct, and the SSO cookie would go along with the new http request. This allows for some "button pushing" type attacks (i.e. badguy can't get me to do too much, and can't very easily get to pick input data, but can get me to hit a button that I've hit earlier).

If this is still the case, there's not much SAML can do about it, other than recognize the vulnerability and maybe give guidance about using cookies for SSO.

Stephen.

--
____________________________________________________________
Stephen Farrell
Baltimore Technologies,        tel: (direct line) +353 1 881 6716
39 Parkgate Street,            fax: +353 1 881 7000
Dublin 8.                      mailto:stephen.farrell@baltimore.ie
Ireland                        http://www.baltimore.com
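The "button pushing" problem Stephen describes, reduced to a small simulation. This is an added example, not code from the original post or from any SAML implementation; the hosts `sso.example` and `badguy.example`, the `Browser` and `SsoSite` classes, and the per-form action token are all constructed for illustration. It shows that a request the browser makes after following a third-party redirect carries the SSO cookie exactly like a user-initiated one, and that binding the action to a token issued with the form (which the redirecting site cannot read) is what lets the server tell the two apart.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class Browser:
    """Cookies are keyed by host and attached to every request for that host,
    whichever site triggered the request (the behaviour the post describes)."""
    cookies: dict = field(default_factory=dict)

    def request(self, host, path, params):
        return {"host": host, "path": path, "params": params,
                "cookie": self.cookies.get(host)}


@dataclass
class SsoSite:
    sessions: dict = field(default_factory=dict)       # cookie value -> user
    action_tokens: dict = field(default_factory=dict)  # user -> token issued with the form
    actions: list = field(default_factory=list)        # actions actually performed

    def login(self, browser, user):
        cookie = secrets.token_hex(16)
        self.sessions[cookie] = user
        browser.cookies["sso.example"] = cookie

    def render_form(self, browser):
        """The real button page embeds a fresh, unguessable token for this user."""
        user = self.sessions[browser.cookies["sso.example"]]
        self.action_tokens[user] = secrets.token_hex(16)
        return self.action_tokens[user]

    def handle(self, req, require_token):
        user = self.sessions.get(req["cookie"])
        if user is None:
            return "rejected: no session"
        if require_token and req["params"].get("token") != self.action_tokens.get(user):
            return "rejected: missing or invalid action token"
        self.actions.append((user, req["params"]["action"]))
        return "performed"


def redirect_attack(require_token):
    """badguy.example answers with a redirect to sso.example; the browser follows it
    and attaches alice's SSO cookie. badguy chooses the URL but never sees the token."""
    browser, sso = Browser(), SsoSite()
    sso.login(browser, "alice")
    sso.render_form(browser)  # alice pushed the real button earlier; token stayed in that page
    redirected = browser.request("sso.example", "/do", {"action": "push-button"})
    return sso.handle(redirected, require_token)
```

With cookie-only checking the redirected request is indistinguishable from a genuine one and is performed; requiring the form-issued token rejects it.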