
This opens up some new interesting attacks. First, you can’t log in to anything that can’t access your web server. Second, you can’t log in to anything that doesn’t have a CA cert chain to validate your web server, which conversely means anyone higher up the cert chain than you can also log in as you. And that’s assuming you’re running your own persona server; no doubt somebody will think it’s a smart idea to tie their ssh login to their gmail account.

I’m not sure if a MITM attack between two internet servers is easier or harder. Interjecting yourself between my laptop and paypal.com requires locating my laptop out here in reality (or at least the path I use to connect to paypal). The persona.org server is fixed in space at a known location, and although we might hope its uplink connection is reasonably secure, attackers can attempt their attack at any time of day or night. They aren’t limited to waiting for me to log in to paypal on my schedule.