[http-auth] Why update Digest Auth?
Yaron Sheffer <yaronf.ietf@gmail.com> Sat, 20 July 2013 16:33 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1930C21F9017 for <http-auth@ietfa.amsl.com>; Sat, 20 Jul 2013 09:33:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S-qi6GXAODU6 for <http-auth@ietfa.amsl.com>; Sat, 20 Jul 2013 09:33:36 -0700 (PDT)
Received: from mail-ea0-x22a.google.com (mail-ea0-x22a.google.com [IPv6:2a00:1450:4013:c01::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 4B8B221F8E1F for <http-auth@ietf.org>; Sat, 20 Jul 2013 09:33:35 -0700 (PDT)
Received: by mail-ea0-f170.google.com with SMTP id h10so3047761eaj.1 for <http-auth@ietf.org>; Sat, 20 Jul 2013 09:33:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; bh=kpBCjAqEqqLgJUZUGf+3kMliVmEqz4bGh3MrB514PZc=; b=z9/fd2dtaEz1iUwxTeHYOgeXCikycJiOXXe+2bFA10D10NvBla5e1AqU2Go+avAPmB kvAZ2qFdJW45B2mWBhI//OyuZxd08og5p4TtKW8IFfVrPIu/1y+EXJ8eNtJmoftN1sy2 JVfGvvxbS7K/p7p/ituBONzE1jb19cIQy1arq4u82AWtrhkz4UTQKfuZHDzz9iXCsufj Xnds2fVy8+F2/FkslcWa8zCuuiR0XsIf4cJ7zQWz67NyJrqFJTjTt4faliWyeY5OzsSx F8zSB1IthD0V3ltpuJCJsL+c2DzhSswKXQvIV+oRDBuBnOBx4AVM9ilRqXOlIbUpqmc+ 2nGw==
X-Received: by 10.15.110.10 with SMTP id cg10mr20914306eeb.57.1374338015143; Sat, 20 Jul 2013 09:33:35 -0700 (PDT)
Received: from [10.0.0.5] (bzq-79-182-218-184.red.bezeqint.net. [79.182.218.184]) by mx.google.com with ESMTPSA id i2sm36467195eeu.4.2013.07.20.09.33.33 for <http-auth@ietf.org> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 20 Jul 2013 09:33:34 -0700 (PDT)
Message-ID: <51EABBDB.2090401@gmail.com>
Date: Sat, 20 Jul 2013 19:33:31 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130623 Thunderbird/17.0.7
MIME-Version: 1.0
To: HTTP Auth WG <http-auth@ietf.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [http-auth] Why update Digest Auth?
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Jul 2013 16:33:37 -0000
Sorry for questioning the group's charter, but this keeps bugging me: I'm assuming this WG will publish two Standards Track RFCs, updating Basic and Digest Auth. And a pile of Experimental RFCs with all sorts of lovely state-of-the-art crypto. Enterprises will require vendors to implement the updated Basic and Digest, and in a few years' time we will end up with the worlds' browsers and Web servers supporting Basic and Digest Auth with I18N and (for Digest) crypto agility. Almost nobody will implement the other drafts. In addition, the websec WG will hopefully work on "session continuation", which will extend the authentication to the whole session in a better way than cookies, and will provide channel binding. Assuming much of the Internet's traffic will remain unencrypted for years, this will be "good enough" security for this traffic. But, it won't work with Digest (because it is not "key generating", to borrow an EAP term). Now my question: we are telling implementors to upgrade Digest to gain I18N (and the algorithm agility, which in this case is mostly security theater, because when using short passwords we remain vulnerable to a dictionary attack anyway). Why not tell them *instead* to move to Digest-v2, which is dictionary attack resistant? Digest-v2 could be based on EKE or SRP, or maybe on draft-oiwa-http-mutualauth, and will support session continuation. Seems to me this would be a much better use of our time, as well as implementors' energy. Thanks, Yaron
- [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Henry B. Hotz
- Re: [http-auth] Why update Digest Auth? Stephen Farrell
- Re: [http-auth] Why update Digest Auth? Yoav Nir
- Re: [http-auth] Why update Digest Auth? Rifaat Shekh-Yusef
- Re: [http-auth] Why update Digest Auth? Paul Hoffman
- Re: [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Rifaat Shekh-Yusef