[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have

To: Hallvard B Furuseth <h.b.furuseth@xxxxxxxxxxx>
Subject: Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
From: Chris Newman <Chris.Newman@xxxxxxx>
Date: Wed, 12 Mar 2008 09:33:43 -0500
Cc: Kurt Zeilenga <Kurt.Zeilenga@xxxxxxxxx>, ietf-sasl@xxxxxxx
In-reply-to: <hbf.20080311nead@xxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
References: <9C18D563-B86C-4ED8-8312-F22578A11E63@xxxxxxxxx> <> <hbf.20080311nead@xxxxxxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx

--On March 11, 2008 14:08:06 +0100 Hallvard B Furuseth<h.b.furuseth@xxxxxxxxxxx> wrote:

I don't get this.  SASL is not a protocol.  If a textual protocol _uses_
SASL, it must turn SASL blobs into text - e.g. by base64-encoding them.
If the SASL mechanism also base64-encodes, we get base64(base64(data)).

SASL is an abstraction model that combines two protocols: an authenticationmechanism protocol and an application protocol with SASL profile.

The experience I've had with binary authentication mechanism protocols isless than stellar. My product included a non-standard "proxyauth<username>" command that could be issued after authentication foradministrative impersonation of a specific user. We also have support forSASL PLAIN with authorization identity which is the standard way to providethe same functionality. But trying to convince people to use the standardprotocol rather than the non-standard one has been extremely difficult dueto the binary nature of SASL PLAIN. The problem is people don't like touse SASL PLAIN because the NUL octets make it difficult to generate anddebug the authentication protocol and custom tools are required to do so.And PLAIN is a really simple case.

Binary creates a barrier to deployment and comprehension of theauthentication protocol in my experience.

Another feature: Don't disclose the existence/absense of a user unless
authentication succeeds.  Or at least don't require it to be disclosed.
See my messages "Hide presence/absence of users in server (HEXA, SCRAM)"
of 30 Apr 2007.

IMHO, this is a tradeoff between security and usability that has to beconfigurable. I agree all products should have a way to obscure thedistinction between user-doesn't-exist and authentication failed, but formany deployments the usability benefit of exposing users under somecircumstances greatly exceeds the security benefit of hiding thisinformation.

Regarding the SCRAM draft, I hope there'll be a version soon which
spells out what each challenge and response consists of, and what the
server must remember (or be able to construct).  It's cumbersome to
dig around in the parameter descriptions in order to figure that out.

Agree this needs work. I simply don't have time to be the active editor onthe document.


		- Chris

Follow-Ups:
- Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
  - From: Abhijit Menon-Sen

References:
- Clarifying the qualities we desire the DIGEST-MD5 replacement to have
  - From: Kurt Zeilenga
- Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
  - From: Chris Newman
- Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
  - From: Hallvard B Furuseth

Prev by Date: Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
Next by Date: Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
Previous by thread: Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
Next by thread: Re: Clarifying the qualities we desire the DIGEST-MD5 replacement to have
Index(es):
- Date
- Thread