Electronics Home»Top Flaws in Distributed Authentication Systems and how they are Attacked, High Tech, Page 41

Top Flaws in Distributed Authentication Systems and how they are Attacked, High Tech, Page 41

Top Flaws in Distributed Authentication Systems and how they are Attacked

Share  Email
  Page: 41
See entire paper: http://electronics.wesrch.com/pdfEL11TZ3XNMONP
Page URL: http://electronics.wesrch.com/41-pdfEL11TZ3XNMONP
Note : Best viewed in FF3 or above, IE7 or above
Page(s): 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
 
Page content:

System Scope of “Identity” Wildcards Implied or explicit
allowed hierarchical structure
PKIX Any X.509 or LDAP Application Application dependent
Distinguished Name for a dependent
Subject, plus Subject
Alternative Names.
Distinctions on KU, EKU and
other arbitrary extensions in
an application dependent

TLS The Subject CNAME as a DNS For initial No
name, or DNS type Subject component only,
Alternative Name in an X.509 and only below
certificate. Single label names TLDs
and IP addresses are also
allowed.
DNS A fully-qualified Domain Yes Yes
Name, zone key. ….
Active, browser-rendered Same-Origin Policy: host, port, Yes Yes - script can re-set
content protocol, but not path self.domain to parent
domain
Active, browser-plugin Variants on Same-Origin Policy, Application Application dependent
Insert presenter logo
here on slide master.
content typically adding site of code dependent See hidden slide 2 for
directions
origin

 
 
Subscribe
x