Subject: potential errata in SSO Profile
Lines 602-604 of Profiles describe how bearer assertion replay attacks must be prevented when using the POST binding. I contend that this is not just a POST binding-specific issue and that assertion replays must be prevented independent of the binding. For example, it seems feasible to actually replay an assertion when using an artifact binding by simply ensuring that different Response messages are used to carry the same assertion each time… thus different artifacts are used, but the assertion could get replayed since there is no artifact binding-specific requirement to make the check. This wasn’t an issue in SAML 1.x since artifacts referred to assertions, not protocol messages. Thus the artifact replay check would prevent the assertion replay.

I believe the solution is to move the text of lines 602-604 as is from the POST-specific section (4.1.4.5) into the list in the general response processing rules (4.1.4.3). I believe this was the intent, was it not?

Rob Philpott
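An SP-side replay check keyed on the assertion ID rather than on the artifact or Response ID, as an added example that is not from the original post or from the SAML specification text; the ReplayCache class, the helper names and the sample IDs are constructed assumptions.

```python
# Added example: bearer-assertion replay detection keyed on the assertion ID,
# so it applies whether the assertion arrived by POST or by artifact resolution.
# Assumption: signatures are already verified and the SP has extracted the
# assertion ID and SubjectConfirmationData/@NotOnOrAfter. All names below are constructed.
from datetime import datetime, timedelta, timezone


class ReplayCache:
    """Remembers consumed assertion IDs until their NotOnOrAfter has passed."""

    def __init__(self):
        self._seen = {}  # assertion ID -> NotOnOrAfter (timezone-aware datetime)

    def _evict(self, now):
        for aid in [a for a, exp in self._seen.items() if exp <= now]:
            del self._seen[aid]

    def accept(self, assertion_id, not_on_or_after, now):
        """True the first time an unexpired assertion ID is seen, False otherwise."""
        self._evict(now)
        if not_on_or_after <= now:
            return False  # expired: reject outright
        if assertion_id in self._seen:
            return False  # replay: this assertion was already consumed
        self._seen[assertion_id] = not_on_or_after
        return True


def process_responses(responses, cache, now):
    """Decide on (response_id, artifact, assertion_id, not_on_or_after) tuples.

    Returns (response_id, artifact_check_ok, assertion_check_ok) per response,
    contrasting an artifact-only replay check with the assertion-ID check."""
    seen_artifacts, decisions = set(), []
    for resp_id, artifact, aid, exp in responses:
        artifact_ok = artifact is None or artifact not in seen_artifacts
        seen_artifacts.add(artifact)
        decisions.append((resp_id, artifact_ok, cache.accept(aid, exp, now)))
    return decisions


def demo():
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)  # constructed clock
    exp = now + timedelta(minutes=5)
    # Constructed sample: two distinct Response messages (hence two distinct
    # artifacts) both carrying the assertion "_a1"; a third arrives via POST.
    responses = [
        ("_resp1", "artifact-1", "_a1", exp),
        ("_resp2", "artifact-2", "_a1", exp),  # same assertion, fresh artifact
        ("_resp3", None, "_a2", exp),          # POST binding: no artifact
    ]
    return process_responses(responses, ReplayCache(), now)
```

In the sample, the artifact-only check passes the second Response while the assertion-ID check rejects it, which is the gap the post describes.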