Risks of Microsoft Passport

[Steve Schear]

Risks of Microsoft Passport
We all know the risks of trusting DNS and the fact that users click OK when 
presented with certificate warnings in their browser. So what happens when 
you build a single sign-on model for e-commerce that leverages these 
technologies? You end up with some risks that users might not expect. 
Microsoft's ambitious Passport service uses these common Internet 
standards. Avi Rubin and Dave Kormann from AT&T Research Labs document the 
risks of the Passport system in their research report, "Risks of the 
Passport Single Signon Protocol".
http://avirubin.com/passport.html