OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: Comments on S2ML 0.8a


> It is quite possible that I misunderstand the usuage model (and/or
> scoped assertions), but I still think the binding between various S2ML
> fragments that might appear in different documents may not be strong
> enough. I don't see problems arising, if these fragments are exchanged
> through secure channels and contents never disclosed. However, if the
> fragments are stored in documents for later use, I can see problems
> arising. The example entitlement on page 13 in the beginning of section
> 4, shows a URI to link the entitlement to a name assertion. If somebody
> manages to put a resource up with the same URI problems will arise. John
> Linn mentioned IP and DNS level spoofing in his posting a few days ago
> in the context of the HTTP binding for 0.7a. I think the above may be
> vulnerable to similar problems.

Is not the Name assertion object to be signed as well?  By an authority that
the verifier must know to have a trusted relation with the issuer of the Entitlement object.
That gives the IP/DNS spoofer little chances doesn't it?

As a side note:
I don't understand what kind of receivers living in the land of global e-commerce 
that are supposed to have this knowledge and even less what they are supposed
to use it for.  This is again something pointing to the scope of S2ML as being targetted
at small and closed groups of really trusted parties. 

Anders Rundgren
+46 70 - 627 74 37

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC