On Aug 13, 2008, at 9:18 AM, Simon Josefsson wrote:
Your approach would send the message that we recommend users to prefer PLAIN+TLS over CRAM-MD5+TLS.
The problem as I see it is that the draft doesn't make it clear that we're recommending CRAM-MD5+TLS. The one recommendation statement isn't enough.
Most implementors and deployers and users of PLAIN understand PLAIN's weaknesses without even reading RFC 4616. Reading RFC 4616 reinforces what folks already understand. But even so, RFC 4616 reiterates the recommendation in the Abstract and Introduction, provides examples showing use with TLS, and then reinforces its recommendations by clearly stated security considerations. RFC 4616 also places requirements on IETF protocols that state PLAIN is an applicable authentication mechanism: that the protocol specification MUST mandate implementation of strong data security services.
Implementors, deployers and users of CRAM-MD5 appear not to understand CRAM-MD5's weaknesses well and hence are more apt to ignore the recommendation, especially one buried on page 5 of the specification. The CRAM-MD5 specification places no mandate on IETF protocols that state CRAM-MD5 is an applicable authentication mechanism.
-- Kurt