On Monday 05 May 2003 09:52, Seairth Jacobs wrote:
> From: "Tyler Close" <
tyler@...>
>
> > Does this mean that you are dropping authorization methods 2 and
> > 5, from Michael Day's list of 5 authorization methods?
>
> Nope. See below.
I don't understand. In the previous email, you agreed that these
methods are vulnerable to a Confused Deputy attack and said that
RNA passes the "user/pwd" in the notification.
> > Does this mean that you are rescinding your opinion that:
> > "Generating URLs containing authentication tokens seems like a Bad
> > Idea"?
>
> Nope. See below.
A "user/pwd" is an authorization token. Are you saying that the
primary authorization mechanism used in RNA is "a Bad Idea"?
As we've discussed, and you've agreed, using a capability URL is
the only way to prevent the Confused Deputy attack. How do you
reconcile this with thinking that a capability URL is "a Bad
Idea"? The agreed facts indicate the exact opposite.
Tyler
Having problems with message search?
Fill out this form to ensure your group is one of the first to be migrated to the new message search system.
Offline 
Send Email