Saturday, October 18, 2008

Your security is inversely proportional to the number of OpenID Providers you use

A quick note for readers familiar with OpenID's XRDS documents: they let you have one 'omni-Identifier' that lists all of your other OpenID Providers and identifiers, so you can use that single Identifier to log in anywhere, with any OP, while maintaining just one identity. Tying several Identifiers into a single Identifier with an XRDS document is very convenient, but be cautious about exactly which Providers you list inside your Identifier's XRDS document.

Any individual OP listed in your XRDS file has the capability of asserting your identity both through the identifier it assigned to you and through your omni-identifier.  If that OP was evil, or compromised, or just plain poorly written, your identity on all sites you log into with that Identifier is equally compromised. Your identity is only as secure as the weakest OP in your XRDS file.  Since you typically don't know which OP will fail first, a simple equation sums it up: the strength of your identity's security is inversely proportional to the number of Providers in your XRDS document.  Each one increases the surface area of your risk.

What does this mean?  Be cautious.  I would advise that you have no more than 3 Providers listed in your XRDS file.  One might be all you need.  In my case, I have a favorite OP, and then a couple of others I include with lower priority values so that RPs I sign into that have whitelists of OPs can still use my omni-Identifier.
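To make the "count your Providers" advice concrete, here is a small audit script added for this post (it is not code from the original post, and the XRDS document it parses is a constructed sample, not a real identifier). It walks the Service elements of an XRDS document, keeps only those whose Type marks them as OpenID authentication endpoints, orders them the way an RP would (ascending `priority`, entries without one last), and flags the document when it lists more Providers than the limit suggested above. The limit of 3 is the post's recommendation; the hostnames are placeholders.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import List, Optional

# XRDS namespaces as used by Yadis / OpenID 2.0 discovery
NS_XRD = "xri://$xrd*($v*2.0)"
NS_XRDS = "xri://$xrds"

# Service types that allow the listed endpoint to assert this identifier.
# Any OP behind one of these entries can log you in as the omni-Identifier.
OPENID_AUTH_TYPES = {
    "http://specs.openid.net/auth/2.0/signon",
    "http://specs.openid.net/auth/2.0/server",
    "http://openid.net/signon/1.1",
    "http://openid.net/signon/1.0",
}


@dataclass
class Provider:
    uri: str                 # OP endpoint URL
    types: List[str]         # all Type values on the Service element
    priority: Optional[int]  # None when the attribute is absent
    local_id: Optional[str]  # OP-local identifier, if delegated


def _q(tag: str) -> str:
    """Qualified tag name in the XRD namespace."""
    return f"{{{NS_XRD}}}{tag}"


def parse_providers(xrds_text: str) -> List[Provider]:
    """Return the OpenID Providers an RP could select from this XRDS, in selection order."""
    root = ET.fromstring(xrds_text)
    # An XRDS may carry several XRD elements; the last one describes the identifier.
    xrd_elements = root.findall(_q("XRD"))
    if not xrd_elements:
        return []
    xrd = xrd_elements[-1]

    providers: List[Provider] = []
    for svc in xrd.findall(_q("Service")):
        types = [t.text.strip() for t in svc.findall(_q("Type")) if t.text]
        if not OPENID_AUTH_TYPES.intersection(types):
            continue  # not an OpenID endpoint (e.g. an OAuth or profile service)
        uri_el = svc.find(_q("URI"))
        if uri_el is None or not uri_el.text:
            continue
        prio = svc.get("priority")
        local = svc.find(_q("LocalID"))
        providers.append(Provider(
            uri=uri_el.text.strip(),
            types=types,
            priority=int(prio) if prio is not None and prio.isdigit() else None,
            local_id=local.text.strip() if local is not None and local.text else None,
        ))

    # XRDS selection order: lower numeric priority wins; entries without one come last.
    providers.sort(key=lambda p: (p.priority is None, p.priority if p.priority is not None else 0))
    return providers


def audit(xrds_text: str, max_providers: int = 3) -> dict:
    """Summarise the Providers and flag the document if it lists more than max_providers."""
    providers = parse_providers(xrds_text)
    return {
        "count": len(providers),
        "providers": [p.uri for p in providers],
        "exceeds_limit": len(providers) > max_providers,
    }


# Constructed sample XRDS: three OpenID Providers (one with no priority) plus one
# unrelated service that must be ignored. Hostnames are placeholders.
SAMPLE_XRDS = """<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="10">
      <Type>http://specs.openid.net/auth/2.0/signon</Type>
      <URI>https://op-a.example/openid</URI>
      <LocalID>https://alice.op-a.example/</LocalID>
    </Service>
    <Service>
      <Type>http://specs.openid.net/auth/2.0/signon</Type>
      <URI>https://op-c.example/openid</URI>
    </Service>
    <Service priority="20">
      <Type>http://openid.net/signon/1.1</Type>
      <URI>https://op-b.example/openid</URI>
    </Service>
    <Service priority="5">
      <Type>http://example.org/not-openid</Type>
      <URI>https://other.example/service</URI>
    </Service>
  </XRD>
</xrds:XRDS>
"""

if __name__ == "__main__":
    report = audit(SAMPLE_XRDS)
    for p in parse_providers(SAMPLE_XRDS):
        print(f"priority={p.priority!s:>4}  {p.uri}  local_id={p.local_id}")
    print("Providers listed:", report["count"], "| over the limit:", report["exceeds_limit"])
```

Run it against your own identifier's XRDS (fetch it with the Yadis `Accept: application/xrds+xml` header, or read the file you publish) and treat every URI it prints as a party that can speak for you; the non-OpenID service in the sample shows why filtering on Type matters, since a long XRDS is not automatically a risky one.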

You can be sure I won't add any community group's Provider to my XRDS file.  We should all keep only very reliable Providers as our identity providers.
