Re: Shared Key Authentication record type
David P. Kemp wrote:
>
> > From: Tom Weinstein <tomw@xxxxxxxxxxxx>
> >
> > Yes, a lot of existing protocols have lousy password mechanisms. But
> > to integrate any sort of TLS password mechanism, you're going to have
> > to change the protocol if for no other reason than to STOP sending
> > the password in the clear. If you're going to do that, why not just
> > fix the protocol?
>
> I take it that this is Tom's acknowledgement that there is
> justification for including shared-key authentication within TLS as
> long as an acceptable method can be found? Fix the protocol means "do
> it right", not "don't do it at all"?

No, you've misunderstood me. I was referring to the particular
protocol, such as telnet or HTTP, that you wished to add password
authentication to. I still believe that this sort of mechanism does
not belong in TLS.

--
You should only break rules of style if you can | Tom Weinstein
coherently explain what you gain by so doing. | tomw@xxxxxxxxxxxx