AUTHENTICATION B Verifies something about A CHOICE (?) - - PDF document

authentication b verifies something about a choice
SMART_READER_LITE
LIVE PREVIEW

AUTHENTICATION B Verifies something about A CHOICE (?) - - PDF document

Nov 12, 2022 272 likes •347 views

AUTHENTICATION B Verifies something about A CHOICE (?) CONFIDENTIALITY 2 KINDS OF CRED. USABLE BY ANYONE TIED TO RP WHITELISTING (WL) CLAIM MINIMALITY (CM) MUTUAL AUTHE MUTUAL PROOF PARTIC. (MPP) ATTRIBUTE ANTI (FPI) Phishing 3RD FIX

slide-1
SLIDE 1

AUTHENTICATION B Verifies something about A CHOICE (?) CONFIDENTIALITY 2 KINDS OF CRED. USABLE BY ANYONE TIED TO RP WHITELISTING (WL) CLAIM MINIMALITY (CM) MUTUAL AUTHE MUTUAL PROOF PARTIC. (MPP)

slide-2
SLIDE 2

ATTRIBUTE (FPI) ANTI Phishing ATTRIB 3RD PARTY FIX AUTH FIX PHISH NON-BROWSING HTTP SUPPORT SUPPORT FOR

  • EXIST. INFRA.

X-APP CREDENT. (XAC)

slide-3
SLIDE 3

EKR1: Fix Web HTTP Auth

  • Non insane Digest repl.
  • Anti-phishing: GUI, Mut. Auth
  • Passwords AND other

EKR2: Cross-site Identity Eliot’s Dad’s Prob EKR3: Claim & Attribute Transferral

slide-4
SLIDE 4

EKR1: Fix HTTP Auth

  • Anti-phishing: GUI, Mutual Auth

Liase w/ W3C on GUI HTML & Links to HTTP

  • Passwords AND other
  • Layer/Arch. TBD
  • Can stand alone

Would need to coord. w/ EKR2 & EKR3

  • This requires EKR
slide-5
SLIDE 5

EKR2: Cross-site identities identifiers

  • Eliot’s Dad’s Problem

Too many passwords / use same

  • “Raw assertions of identity are easier

to trust than attrs.” – roughly Name subordination

  • Probably existing tech

Maybe Glue work More analysis

  • Requires work/sol’n EKR1

May require shared mechs. Definitely requires co-ord

slide-6
SLIDE 6

EKR3: Claim & Attribute Transferral

  • Existing Claim/Attr. Syntaxes

can be used, maybe glue work

  • Binds Attr assertions to

underlying communic’n

  • Not just limited to HTTP