The primary aim of the Review of OpenID project was to produce a report to allow decision-makers to understand OpenID’s security properties in order to perform risk assessment of their envisaged use cases and avoid any of OpenID’s potential security pitfalls.

Review of OpenID

The primary aim of the project was to produce a report (this document) to allow decision-makers to understand OpenID’s security properties in order to perform risk assessment of their envisaged use cases and avoid any of OpenID’s potential security pitfalls.

Executive Summary

The project conducted a survey of computer centre managers and senior staff members to gain an understanding of how they are likely to proceed with OpenID, with or without the presence of this guidance. None of those consulted was currently willing to permit the use of OpenID for granting access to any resources of value. A few may be willing to use it for access to resources with low identity assurance requirements such as blogs or wikis.

The secondary aim was to develop bridging software, the OpenID-SAML Gateway, to allow OpenIDs from any source to be used as identities within the production UK federation, creating opportunities for experimentation by early adopters. A basic demonstration of the gateway was provided by the UK federation’s printenv test SP. This simply displays the attributes that an IdP (the gateway, in this case) releases to a UK federation SP. Among these is the user’s OpenID, converted to form a value of eduPersonPrincipalName (ePPN). At the time of writing eight users had experimented with the gateway.

A further demonstration was provided using EDINA’s Land, Life and Leisure service. In this case, the service maintains an access control list containing the set of eduPersonPrincipalNames that it will accept, so the service can be accessed only by users whose OpenIDs have been added to the ACL configuration file. This showed that it is possible to successfully control the set of OpenID users who can access a Shibbolized production service.

Report available electronically only. Download the full final report below.
