gnuherds-app-dev

Re: OpenID -- do not delegate the authentication process


From: Davi Leal
Subject: Re: OpenID -- do not delegate the authentication process
Date: Mon, 2 Jun 2008 22:39:47 +0200
User-agent: KMail/1.9.7

Antenore Gatta wrote:
> > I propose the project does not use any OpenID shared identity services. If
> > nobody disagrees we should close such task adding a reference to the below
> > rationale:
>
> I disagree, this point must be discussed, because it's not true that OpenID
> is not secure at all and it's not true that OpenID is safe at all.

IMHO, if OpenID is not safe at all this project should not use it.

What is wrong with the current authentication system?  If it is needed we 
could add an OpenID identity service at GNU Herds; so we could take care of 
its security.


> Surely OpenID must be implemented in the right way.

Of course, anything we do should be done in the right way.


> I want to point your attention to one problem: imagine the Gnuherds login
> system is compromised, how much time will it take to discover it? How
> much time will it take the community to discover that the Google OpenID is
> compromised? A few minutes maybe.

You are right about that.  However, IMHO, if the users keep money under the 
GNU Herds control, a few minutes could be too late. We have to be able to take 
care of the whole system, without delegating the authentication part, to be 
sure the system will never be compromised.

What if the BlueOrganization OpenID provider decides to 'sell' the needed 
data... to get into GNU Herds and get the users' money?  IMHO we should not 
open the door towards the GNU Herds users' money.


> Gnuherds can always choose a limited number of OpenID providers; as soon as
> we discover one of these providers has been exploited, we can remove
> it from the list.

If the GNU Herds project keeps money we should not use any _external_ OpenID 
provider. The damage, in form of "all money lost", could be already done 
before we notice it.

Whoever controls the authentication systems controls the money kept at GNU Herds.


> I think we should discuss this point better.

I agree.

We must keep discussing this to be ready when we begin to work on the 
(phase 2) to add 'bank' support.

The (phase 1) will work without a bank.



> > Rationale:
> >
> >  * If GNU Herds adds OpenID support, any security problem at the OpenID
> >    servers will be a very serious security problem for GNU Herds.
> >
> >  * Which OpenID servers would GNU Herds support?  The more OpenID
> >    servers GNU Herds supports, the more security risk paths for the
> >    GNU Herds project.
> >
> >    Note that using OpenID delegates the authentication process, which is
> >    a central security piece.
> >
> >
> > IMHO the above rationale is enough to reject the OpenID use.
> > Additionally:
> >
> >  * Note maybe the GNU Herds project will make bank transactions. So
> >    the above problems are even more critical.
> >
> >
> > There could be other problems not analyzed here.
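
The "limited number of OpenID providers" idea discussed in this message, sketched as an added example that is not part of the original e-mail or of the GNU Herds code: an exact-match allowlist applied to the provider endpoint URL that discovery on the user's identifier returns. The class and function names and the provider URLs are hypothetical.

```python
from urllib.parse import urlsplit


def canonical_endpoint(url):
    """Reduce a provider endpoint URL to (host, port, path), or None if unacceptable."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port              # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme != "https":
        return None                    # plaintext endpoints can be spoofed in transit
    if parts.username is not None or parts.password is not None:
        return None                    # rejects https://trusted-host@other-host/
    if not parts.hostname:
        return None
    host = parts.hostname.rstrip(".")  # urlsplit has already lower-cased the host
    return (host, port or 443, parts.path or "/")


class ProviderAllowlist:
    """Exact-match list of OpenID provider endpoints the site accepts."""

    def __init__(self, endpoints):
        self._allowed = set()
        for url in endpoints:
            key = canonical_endpoint(url)
            if key is None:
                raise ValueError(f"not an acceptable provider endpoint: {url!r}")
            self._allowed.add(key)

    def remove(self, url):
        """Drop a provider, e.g. once it is known to be compromised."""
        self._allowed.discard(canonical_endpoint(url))

    def permits(self, discovered_endpoint):
        """True only if the endpoint found by discovery is on the list."""
        key = canonical_endpoint(discovered_endpoint)
        return key is not None and key in self._allowed


if __name__ == "__main__":
    # Constructed sample data: hypothetical providers under reserved example domains.
    allow = ProviderAllowlist(["https://openid.example.org/server",
                               "https://id.example.net/op"])
    for candidate in ("https://openid.example.org/server",
                      "https://openid.example.org.evil.example/server",
                      "https://openid.example.org@evil.example/server"):
        print(candidate, "->", allow.permits(candidate))
```

Removing a provider only blocks new logins through it; anything done with an identity that provider asserted before the removal is outside this check, which is the window the reply above is concerned with.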



