
Re: Optional domain/realm for SCRAM? (Re: Crypto agility in SCRAM + draft-josefsson-password-auth?)



On Tue, Mar 18, 2008 at 06:21:44PM +0100, Simon Josefsson wrote:
> Nicolas Williams <Nicolas.Williams@xxxxxxx> writes:
> > Hmmm, I think I can live with this answer, but I also think that a SCRAM
> > with this option will have sufficiently different properties from
> > Kerberos that in many cases it could be preferable (specifically: no
> > online infrastructure requirement for the client).
> 
> If I understand your scenario, it may be that it can be solved easily
> with unmodified SCRAM, see my response to Jeff.

If you mean this:

> >> If you really want to achieve something like you want, wouldn't the
> >> following work?  Enroll the user once, and then ask the user to use a
> >> username like 'user@xxxxxxxxxxxxx', 'user@xxxxxxxxxxxxx' for each of the
> >> servers in that realm.  The enrollment process could push out the
> >> password-equivalent hash to each server.
> >
> > Ick.
> 
> That is what I do in one (small) environment.  It is simple and works
> fairly well.  It is not a load-balancing setup though, where I admit
> this approach would not work well.

Then no, that's not a good answer (see Jeff's reply as to why).

The use case is not load balancing (as you asked in your other e-mail
just now) but a large site with many distinct services that users may
need to authenticate to.

For me though, the point is moot as I withdraw the proposal:

> >> In my experience, the realms feature was not used widely with
> >> DIGEST-MD5, but made the specification more complex.
> >
> > OK, I withdraw this proposal.

We can always do a new mechanism that has this functionality if it turns
out we need it, and in the meantime Kerberos V is a decent answer for
those who need such functionality _now_.

Nico
--
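The "enroll once, then push the password-equivalent hash to each server" approach discussed above, as an added example that is not part of this thread or of any SCRAM implementation: Python that derives the SCRAM server-side credential (SaltedPassword via Hi(), then StoredKey and ServerKey, using SHA-256 here), copies that one credential to two hypothetical servers in the same realm, and verifies a client proof on both. The salt, iteration count, user and server names and the AuthMessage are constructed placeholders; in a deployment the salt is random per user and the AuthMessage is built from the actual client-first, server-first and client-final messages.

```python
import hashlib
import hmac
from dataclasses import dataclass

HASH = "sha256"  # SCRAM hash function for this example


@dataclass(frozen=True)
class StoredCredential:
    """What a SCRAM server keeps per user: no password, but password-equivalent."""
    salt: bytes
    iterations: int
    stored_key: bytes  # H(ClientKey)
    server_key: bytes  # HMAC(SaltedPassword, "Server Key")


def salted_password(password: str, salt: bytes, iterations: int) -> bytes:
    # SCRAM's Hi(str, salt, i) is PBKDF2 with HMAC and a single output block.
    return hashlib.pbkdf2_hmac(HASH, password.encode("utf-8"), salt, iterations)


def enroll(password: str, salt: bytes, iterations: int) -> StoredCredential:
    """Run once at enrollment; the result is what gets replicated to servers."""
    sp = salted_password(password, salt, iterations)
    client_key = hmac.new(sp, b"Client Key", HASH).digest()
    server_key = hmac.new(sp, b"Server Key", HASH).digest()
    return StoredCredential(salt, iterations, hashlib.new(HASH, client_key).digest(), server_key)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def client_proof(password: str, salt: bytes, iterations: int, auth_message: bytes) -> bytes:
    """Client side: ClientProof = ClientKey XOR HMAC(StoredKey, AuthMessage)."""
    sp = salted_password(password, salt, iterations)
    client_key = hmac.new(sp, b"Client Key", HASH).digest()
    stored_key = hashlib.new(HASH, client_key).digest()
    client_sig = hmac.new(stored_key, auth_message, HASH).digest()
    return _xor(client_key, client_sig)


def server_verify(cred: StoredCredential, auth_message: bytes, proof: bytes) -> bool:
    """Server side: recover ClientKey from the proof and check H(ClientKey) == StoredKey."""
    if len(proof) != len(cred.stored_key):
        return False
    client_sig = hmac.new(cred.stored_key, auth_message, HASH).digest()
    client_key = _xor(proof, client_sig)
    return hmac.compare_digest(hashlib.new(HASH, client_key).digest(), cred.stored_key)


def server_signature(cred: StoredCredential, auth_message: bytes) -> bytes:
    """What the server returns so the client can authenticate the server in turn."""
    return hmac.new(cred.server_key, auth_message, HASH).digest()


def demo() -> dict:
    # Constructed values: fixed salt and a small iteration count for speed.
    salt, iterations = b"constructed-salt-0001", 4096
    cred = enroll("correct horse battery staple", salt, iterations)

    # The enrollment process pushes the same credential to every server in the realm
    # (hypothetical host names); each server is then self-sufficient for this user.
    realm = {"imap.example.test": cred, "smtp.example.test": cred}

    results = {}
    for host, stored in realm.items():
        # Constructed AuthMessage; the real one concatenates the exchanged messages.
        auth_message = f"n=user@example.test,r=nonce,s=salt,i={iterations},{host}".encode()
        good = client_proof("correct horse battery staple", salt, iterations, auth_message)
        bad = client_proof("wrong password", salt, iterations, auth_message)
        results[host] = {
            "accepts_correct": server_verify(stored, auth_message, good),
            "accepts_wrong": server_verify(stored, auth_message, bad),
            "server_sig_len": len(server_signature(stored, auth_message)),
        }
    # Every replica holds byte-identical StoredKey/ServerKey material.
    results["replicas_identical"] = all(c == cred for c in realm.values())
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The replicas are byte-identical, which is what makes the approach simple: one enrollment serves every server in the realm without an online KDC. It is also the cost the thread calls "Ick": because each server holds the same StoredKey and ServerKey, the credential's exposure is the exposure of the weakest replica, and a rotation has to reach every server.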