Re: [dispatch] New SIP digest algorithm … Re: New Version Notification for draft-johansson-dispatch-dane-sip-00.txt

Rifaat Shekh-Yusef <rifaat.ietf@gmail.com> Wed, 08 January 2014 20:56 UTC


Thanks Cullen,

Updating the Digest mechanism should be simple and straightforward to allow
us to address the algorithms limitation without requiring major changes to
the deployed systems.

I agree that we need a better solution for SIP that would also allow us to
provide a better way of storing the passwords in the DB.
I have been thinking about other solutions, but did not have a chance to
look at OAuth yet; I will take a look.

Regards,
 Rifaat



On Wed, Jan 8, 2014 at 1:49 PM, Cullen Jennings (fluffy) <fluffy@cisco.com> wrote:

>
> On Jan 2, 2014, at 11:34 AM, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
> wrote:
>
> > Hi Olle,
> >
> >        >Can we improve upon MD5 digest authentication?
> >
> > Take a look at the following HTTPAuth WG document:
> > https://datatracker.ietf.org/doc/draft-ietf-httpauth-digest/
> >
> > I have been working on this for some time, with SIP in mind. This
> > started as an attempt to update RFC2617, and now it is a different document
> > that will obsolete RFC2617.
> > The document updates 3 aspects of RFC2617:
> > 1. Algorithms agility: use of SHA2
> > 2. Internationalization
> > 3. Username hashing
> >
> > I am planning on writing a document to update the digest algorithms for
> > SIP.
> >
> > Regards,
> >  Rifaat
> >
> >
>
> I suspect that sip core would be the best place to move forward a proposal
> like that. Personally, I would probably argue that moving to OAuth might be
> a better way to move forward.
>
> Cullen (with my individual contributor hat on)
>
>
>
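
An added example, not part of the original thread or of the draft it cites: the RFC 2617 `qop=auth` Digest computation with the hash made selectable (MD5 or SHA-256), showing the algorithm agility and username hashing items from the list above and the HA1 value a server typically stores in place of the password. The `userhash` form `H(username:realm)`, the UTF-8 encoding, and all SIP values (`alice`, `example.com`, the nonces) are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Algorithm tokens mapped to hashlib names. "MD5" is the RFC 2617 baseline;
# "SHA-256" is the SHA2 option referred to in the thread.
ALGORITHMS = {"MD5": "md5", "SHA-256": "sha256"}


def H(algorithm: str, data: str) -> str:
    """Hex digest of data under the negotiated Digest algorithm (UTF-8 assumed)."""
    return hashlib.new(ALGORITHMS[algorithm], data.encode("utf-8")).hexdigest()


def ha1(algorithm, username, realm, password):
    """The value a server can store in its DB instead of the cleartext password."""
    return H(algorithm, f"{username}:{realm}:{password}")


def response(algorithm, stored_ha1, method, uri, nonce, nc, cnonce, qop="auth"):
    """Digest response for qop=auth, computed from HA1 rather than the password."""
    ha2 = H(algorithm, f"{method}:{uri}")
    return H(algorithm, f"{stored_ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def userhash(algorithm, username, realm):
    """Hashed username sent in place of the cleartext one (assumed form)."""
    return H(algorithm, f"{username}:{realm}")


def verify(algorithm, stored_ha1, received, **fields):
    """Server-side check of a received response, compared in constant time."""
    expected = response(algorithm, stored_ha1, **fields)
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    # Constructed SIP REGISTER values, for illustration only.
    req = dict(method="REGISTER", uri="sip:example.com",
               nonce="constructed-nonce", nc="00000001",
               cnonce="constructed-cnonce")
    for alg in ALGORITHMS:
        db_value = ha1(alg, "alice", "example.com", "constructed-password")
        resp = response(alg, db_value, **req)
        print(alg, len(resp) * 4, "bits, verifies:", verify(alg, db_value, resp, **req))
    print("userhash:", userhash("SHA-256", "alice", "example.com"))
```

Because the response is derived from HA1 alone, the stored HA1 is as sensitive as the password for that realm under either hash, which is the storage limitation raised in the reply.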