Re: [http-auth] Why update Digest Auth?
Yaron Sheffer <yaronf.ietf@gmail.com> Mon, 22 July 2013 20:44 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CECC311E811B for <http-auth@ietfa.amsl.com>; Mon, 22 Jul 2013 13:44:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K9+I8dO239B5 for <http-auth@ietfa.amsl.com>; Mon, 22 Jul 2013 13:44:37 -0700 (PDT)
Received: from mail-ea0-x235.google.com (mail-ea0-x235.google.com [IPv6:2a00:1450:4013:c01::235]) by ietfa.amsl.com (Postfix) with ESMTP id 0682E11E80D3 for <http-auth@ietf.org>; Mon, 22 Jul 2013 13:44:33 -0700 (PDT)
Received: by mail-ea0-f181.google.com with SMTP id a15so4103781eae.26 for <http-auth@ietf.org>; Mon, 22 Jul 2013 13:44:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=KjqliNxuih2SAN3KzOvv2YY1J8x2ElI0DIXv+ZnE3X4=; b=xdONIdJqX/9/wsbI8NnvyxZmqoOE2boopk+uhTxUqMRx0B136BtR1oqN5Oy1Y7mWYC oCyv1qyLXduGNOyVGIIB0YZZRDhzA7QSCLsSutZRgkBsKsy1osj2KYARkI59OqPceDXp 5IjELio9pM6xMD1aLn2USCmIpNcx0gJg5Czlwoc91nnl5bM+7aGflYY8ByCj2EBYFK5/ k/6Eq9OAw0yxMjf4dbQ1H8VUVSriZ3BKotHl1uohQO6bGZ1FU5xg32AECVee+cb8QNcN HHF+coZbr6i63XbQdT45vhrjTqO1Zh+o5NBvhxuvJvKBa4ZqNAU2dk5D3nIdSP5Wz0Kx vsTA==
X-Received: by 10.15.21.199 with SMTP id d47mr29067977eeu.36.1374525873088; Mon, 22 Jul 2013 13:44:33 -0700 (PDT)
Received: from [10.0.0.5] (bzq-79-181-185-54.red.bezeqint.net. [79.181.185.54]) by mx.google.com with ESMTPSA id r54sm53600309eev.8.2013.07.22.13.44.31 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 22 Jul 2013 13:44:32 -0700 (PDT)
Message-ID: <51ED99AE.3000403@gmail.com>
Date: Mon, 22 Jul 2013 23:44:30 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130623 Thunderbird/17.0.7
MIME-Version: 1.0
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <51EABBDB.2090401@gmail.com> <51EC7974.4020606@cs.tcd.ie>
In-Reply-To: <51EC7974.4020606@cs.tcd.ie>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: HTTP Auth WG <http-auth@ietf.org>
Subject: Re: [http-auth] Why update Digest Auth?
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/http-auth>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jul 2013 20:44:38 -0000
On 2013-07-22 03:14, Stephen Farrell wrote: [Speculation and counter-speculation removed. As a policy, I never bet a beer with an Irishman :-) ] >> >> Now my question: we are telling implementors to upgrade Digest to gain >> I18N (and the algorithm agility, which in this case is mostly security >> theater, because when using short passwords we remain vulnerable to a >> dictionary attack anyway). Why not tell them *instead* to move to >> Digest-v2, which is dictionary attack resistant? Digest-v2 could be >> based on EKE or SRP, or maybe on draft-oiwa-http-mutualauth, and will >> support session continuation. >> >> Seems to me this would be a much better use of our time, as well as >> implementors' energy. > > Not to me. You can already and should already run over TLS, at which > point any advantage of ZKPP gets lost in the noise since phishing and > password verifier DB leakage are entirely unaffected by the elegant > ZKPP bit fiddling. (That is a shame, since the crypto really is quite > elegant, but its nonetheless true.) Everybody running on TLS today uses Basic, and I'd be surprised if we started seeing Digest on TLS. OTOH on insecure transport, ZKPP has a strong advantage, despite the database stealing vulnerability. IMHO assuming that non-TLS use will simply go away is way too optimistic. > > So I'm still of the opinion that minimal modernising of the existing > schemes plus some experiments is right here and we should not > pointlessly anoint any of the experiments with standards-track > status until after we've seen that they are useful in reality. > > Having said that, if we decided to abandon work on Digest I'd not > object. > > S. > >> >> Thanks, >> Yaron >> _______________________________________________ >> http-auth mailing list >> http-auth@ietf.org >> https://www.ietf.org/mailman/listinfo/http-auth >> >>
- [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Henry B. Hotz
- Re: [http-auth] Why update Digest Auth? Stephen Farrell
- Re: [http-auth] Why update Digest Auth? Yoav Nir
- Re: [http-auth] Why update Digest Auth? Rifaat Shekh-Yusef
- Re: [http-auth] Why update Digest Auth? Paul Hoffman
- Re: [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Yaron Sheffer
- Re: [http-auth] Why update Digest Auth? Rifaat Shekh-Yusef