OASIS Security Services (SAML) TC
SECURITY-7

PE: Pseudorandom requirement for persistent NameID format is unintentional


    Details

    • Proposal:

      Replace the sentence on lines 3321-3323 with:
      "Persistent name identifiers generated by identity providers MUST be constructed using values that have no discernible correspondence with the subject's actual identity (for example, username). They MAY be pseudo-random values, or generated in any other manner, provided there is no guessable relationship between the value and the subject's underlying identity, and that they are unique within the range of values generated by a given identity provider for a given service provider or affiliation of providers."

    • Resolution:
      Resolved as proposed by TC on March 22 call. http://lists.oasis-open.org/archives/security-services/201103/msg00026.html

      Description

      Sec 8.3.7, line 3321-3323, states that the values of this attribute MUST be pseudo-random. This has cryptographic connotations that go beyond the intent of this format, which was simply to guarantee that values would not directly expose the underlying principal identity and would be unique within the scope of the qualifiers attached. This can be achieved without actual pseudo-random construction of the identifiers, so this should not have been stated as a MUST.
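      As an added illustration (not part of this issue or of the SAML specification text), the two constructions the proposed wording permits for a persistent NameID: a secret-keyed hash over (service provider, principal), and a stored random value. Both are scoped to one identity provider and one service provider, as the proposal requires; the class and method names and the `!` separator are assumptions made here.

```python
import base64
import hashlib
import hmac
import secrets

PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"


class PersistentNameIdIssuer:
    """Issues persistent NameIDs for one identity provider (hypothetical helper).

    Neither strategy lets a service provider recover the principal from the
    value, and two service providers receive unrelated values for the same
    principal, which is the property Section 8.3.7 is after.
    """

    def __init__(self, idp_entity_id: str, salt: bytes):
        self.idp = idp_entity_id
        self.salt = salt          # secret; an unkeyed digest of a username is guessable
        self.table = {}           # (sp_entity_id, principal) -> stored random value

    def computed(self, principal: str, sp_entity_id: str) -> str:
        # Keyed hash: deterministic per (SP, principal), so no state is kept,
        # but without the salt there is no computable link back to the principal.
        msg = f"{sp_entity_id}!{principal}".encode()
        mac = hmac.new(self.salt, msg, hashlib.sha256).digest()
        return base64.b64encode(mac).decode()

    def stored(self, principal: str, sp_entity_id: str) -> str:
        # Pseudo-random value, generated once per (SP, principal) and remembered.
        key = (sp_entity_id, principal)
        if key not in self.table:
            self.table[key] = secrets.token_urlsafe(32)
        return self.table[key]

    def name_id(self, value: str, sp_entity_id: str) -> str:
        # Fragment only; the saml: prefix is declared by the enclosing assertion.
        return (f'<saml:NameID Format="{PERSISTENT}" NameQualifier="{self.idp}" '
                f'SPNameQualifier="{sp_entity_id}">{value}</saml:NameID>')


if __name__ == "__main__":
    issuer = PersistentNameIdIssuer("https://idp.example.org/idp", b"constructed-secret-salt")
    for sp in ("https://sp-a.example.com", "https://sp-b.example.com"):
        print(issuer.name_id(issuer.computed("jdoe", sp), sp))
        print(issuer.name_id(issuer.stored("jdoe", sp), sp))
```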

        People

        • Assignee: cantor.2 Scott Cantor (Inactive)
        • Reporter: cantor.2 Scott Cantor (Inactive)