Re: [apps-discuss] [http-state] HTTP MAC Authentication Scheme

["Paul E. Jones" <paulej@packetizer.com>]

Nico,

> > Gonzalo and I worked on this:
> > https://tools.ietf.org/html/draft-salgueiro-secure-state-management-04
> >
> > This may not be entirely complete, but the idea was to allow a client
> > and server to establish an association so that requests and responses
> > could be authenticated.  Is this something along the lines of what you
> > are discussing, or is this an entirely different application?
> 
> I'm completely on-board with session state[*].  My comments were
> particularly in regards to threat models.  I believe that eavesdroppers
> and active attackers both need to be considered, particularly as we have
> so many open wifi networks.
> 
> To me the simplest way to address the Internet threat model is to always
> use TLS (except, maybe, for images and such elements that have little or
> no security value, though one must be careful when making that
> determination) and to use channel binding.  See the I-D referenced
> below.
> 
> [*]  See, for example: http://www.ietf.org/id/draft-williams-rest-gss-
> 00.txt

I fully agree with you that using TLS is usually preferred.  That said, we encounter situations where there were a large number of client/server interactions and the data conveyed is not confidential information in any way.  Using TLS can significantly decreases server performance, particularly when there are a number of separate connections that are established and broken.

So, we were trying to find a non-TLS solution that still provides a way to ensure the server can identify the user and that both can verify that data has not been tampered in flight.  (It would still be preferred to establish security relations with TLS, though we were open to other solutions.)

Paul