Re: Security

["Frank Ellermann" <nobody@xxxxxxxxxxxxxxxxx>]

Sam Hartman wrote:
 
> However for challenge/response mechanisms we can get mutual
> authentication and tie the mutual authentication to integrity
> protection and/or confidentiality.

As far as DIGEST-MD5 was an attempt to offer these features
folks here apparently decided to give up on it, because there
was no big demand for these features, and interoperability
was lousy.  Maybe this is a hen and egg problem, but whatever
the DIGEST-MD5 problems might be, they're no bugs in CRAM-MD5.

> I do believe that cram-md5's mechanisms for converting a
> password into a key are weaker than is current accepted
> security practice.

Then propose something better than HMAC, get it on standards
track, and deployed.  Removing CRAM-MD5 from standards track
won't get you there.  One algorithm I looked at (APR1) is IMO
far too odd to pass as "better".

When I proposed to look at RMX in a SCRAM-discussion the WG
apparently preferred what's now in the draft, based on HMAC.

Maybe SCRAM will be that "better" thing, but that's unrelated
to WG Charter and status questions for CRAM-MD5.  

It's IMO very good that it is now again possible to discuss
such issues, the situation where you in essence had a veto
was unsound (actually a "bug" in RFC 2026, not in RFC 2195).

 Frank