On 12 Aug 2008, at 10:31 AM, Simon Josefsson wrote:
I have no seen adequate support for MUSTs here.Nor have I, but I don't believe MUST is required. PLAIN contains: By default, implementations SHOULD advertise and make use of the PLAIN mechanism only when adequate data security services are in place. It continues with: Specifications for IETF protocols that indicate that thismechanism is an applicable authentication mechanism MUST mandate that implementations support an strong data security service, such as TLS.That places restrictions on specifications, not implementations, which is somewhat weird, but CRAM-MD5 could do the same. That is what I propose to do.
I personally think such a change would be good. I feel that TLS recommendations to protect CRAM-MD5 ought to be the same as those we made for the TLS protection of PLAIN.
None of the arguments made in thedocument would still stand against that construct (I think). What ispuzzling is that the document already appear to strongly suggest use of TLS and UTF-8 and SASLprep, so I think we have already solved the security and interoperability problem inherent in the old CRAM-MD5 specification.I don't believe the SHOULDs are adequate to ensure independently developed interoperability.SHOULD has worked fine for PLAIN, so I disagree.
It works fine because of PLAIN's design. The party, the server, is preparing both the presented and stored strings. In CRAM-MD5, two parties need to agree on the preparation on what preparation to use for things to work properly.
/Simon