[12419] in cryptography@c2.net mail archive

Re: EU Privacy Authorities Seek Changes in Microsoft 'Passport'

daemon@ATHENA.MIT.EDU (Derek Atkins)
Tue Jan 28 10:58:51 2003

X-Original-To: cryptography@wasabisystems.com
To: bear <bear@sonic.net>
Cc: "R. A. Hettinga" <rah@shipwright.com>,
	Digital Bearer Settlement List <dbs@philodox.com>,
	<cryptography@wasabisystems.com>
From: Derek Atkins <derek@ihtfp.com>
Date: 28 Jan 2003 09:27:35 -0500
In-Reply-To: <Pine.LNX.4.40.0301270947140.28858-100000@bolt.sonic.net>

Single Signon by ITSELF is not a bad technology.  But it very much
depends on the architecture and implementation.  A Globally
Centralized SSO system like Passport certainly has problems as you
suggest.  A locally centralized SSO system like Kerberos is less
of an issue.  A Federated SSO system like Shibboleth is much better.

It all depends on your threat model.  Don't destroy SSO just because
some company decided to "do it wrong".

-derek

bear <bear@sonic.net> writes:

> The widespread acceptance of something as obviously a bad idea as
> passport really bothers me.  I could see a "password manager" program
> to automate the process of password invalidation where you discovered
> a compromise; but the idea of putting everything you do online on the
> same password or credential is just...  stupid beyond belief.
> 
> Why are single-sign-on systems even legal to sell without warnings?
> Why don't Msoft and the other members of the "Liberty alliance" have
> to put a big warning label on them that says "USE OF THIS PRODUCT WILL
> DEGRADE YOUR SECURITY"?  Because that's what we're looking at here;
> drastically reduced security for very marginally enhanced convenience.
> 
> But what really gets me about this is that it's totally obvious that
> that's what we're looking at, and people are buying this system
> anyway.  That's hard to swallow, because even consumers ought not to
> be that stupid.  But it's even worse than that, because people who
> ought to know better (and people who *DO* know better, their own
> ethics and customers' best interests be damned) are even *DEVELOPING*
> for this system.  It just doesn't make any damn sense.
> 
> 			Bear
> 
> 
> 
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com

-- 
       Derek Atkins
       Computer and Internet Security Consultant
       derek@ihtfp.com             www.ihtfp.com
