solid-oidc
Security considerations for integrity of solid:oidcIssuer triples
I am not sure if this is the correct specification, but I'd suggest adding security considerations for the write/changeability of the solid:oidcIssuer triple in the WebID profile.
The solid:oidcIssuer is used to verify that access tokens are created by the right entity for a WebID:
A WebID Profile lists the OpenID Providers who are trusted to issue tokens on behalf of the agent who controls the WebID.
In turn, this means that if someone is able to add or change this triple in the profile, they can point it to a server under their control and create valid access tokens. Thus, append or write access to the profile indirectly gives access to anything the WebID has access to.
I propose to add a Security Consideration along the lines of: "WebID providers SHOULD/MUST ensure the integrity of solid:oidcIssuer triples. Any agent that can modify or add solid:oidcIssuer triples to the WebID could impersonate this WebID."
In practice, this could be implemented in one of the following ways:
- make the WebID read-only (I think this is what ESS does in combination with an extended profile)
- reject requests that modify or add solid:oidcIssuer triples to the WebID, even if the agent has append/write access
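
The second option above, as an added example that is not part of the original issue or of any Solid server's code: it compares the solid:oidcIssuer triples of the profile before and after a proposed write, so the same check covers PUT, PATCH and POST regardless of the request body format. It assumes the server has already parsed both states into plain {subject, predicate, object} objects; the function names and sample IRIs are hypothetical.

```javascript
const OIDC_ISSUER = 'http://www.w3.org/ns/solid/terms#oidcIssuer';

// Collect every (subject, issuer) pair stated with solid:oidcIssuer.
// All subjects are covered, not only the primary WebID of the document.
function issuerKeys(quads) {
  const keys = new Set();
  for (const q of quads) {
    if (q.predicate === OIDC_ISSUER) keys.add(JSON.stringify([q.subject, q.object]));
  }
  return keys;
}

// Run after the ACL check: append/write permission alone is not sufficient
// to change issuer triples. IRIs are compared as exact strings (assumption).
function checkIssuerIntegrity(beforeQuads, afterQuads) {
  const before = issuerKeys(beforeQuads);
  const after = issuerKeys(afterQuads);
  const added = [...after].filter((k) => !before.has(k)).map((k) => JSON.parse(k));
  const removed = [...before].filter((k) => !after.has(k)).map((k) => JSON.parse(k));
  return { allowed: added.length === 0 && removed.length === 0, added, removed };
}

// Constructed sample data (not taken from a real profile).
const WEBID = 'https://alice.example/profile/card#me';
const FOAF_NAME = 'http://xmlns.com/foaf/0.1/name';
const profile = [
  { subject: WEBID, predicate: OIDC_ISSUER, object: 'https://idp.example/' },
  { subject: WEBID, predicate: FOAF_NAME, object: '"Alice"' },
];
// Append-only write that adds a second issuer triple.
const appended = [...profile,
  { subject: WEBID, predicate: OIDC_ISSUER, object: 'https://other-idp.example/' }];
// Write that swaps the existing issuer for another one.
const replaced = profile.map((q) =>
  (q.predicate === OIDC_ISSUER ? { ...q, object: 'https://other-idp.example/' } : q));
// Write that leaves the issuer triples untouched.
const renamed = profile.map((q) =>
  (q.predicate === FOAF_NAME ? { ...q, object: '"Alice B."' } : q));

function demo() {
  return {
    appended: checkIssuerIntegrity(profile, appended),
    replaced: checkIssuerIntegrity(profile, replaced),
    renamed: checkIssuerIntegrity(profile, renamed),
  };
}
console.log(JSON.stringify(demo(), null, 2));
```

A server using this check would answer a write with `allowed: false` with a 4xx status and leave the stored profile unchanged.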