[sasl] Importance of exact Authentication Information to ensure reaching design goals

Tobias Markmann <tmarkmann@googlemail.com> Tue, 08 June 2010 19:36 UTC


Hi,

would it still be possible to add/change a little text in SCRAM? I think there should be more emphasis on the fact that if you don't store the information described as authentication information you'll lose one of the major design goals, being point 3, "The authentication information stored in the authentication database is not sufficient by itself to impersonate the client.". Sure, this seems obvious if you read it from top to end, but I still have the impression that the authentication particulars for the client are described more clearly.

Cheers,
Tobias

--
Tobias Markmann
http://ayena.de
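
The design goal quoted in the message above, as an added example that is not part of the original message or of the SCRAM specification: it follows the SCRAM-SHA-1 key derivation and compares a database record holding only StoredKey and ServerKey with one that also keeps ClientKey. The password, salt, nonces and record layout are constructed for illustration.

```python
import hashlib
import hmac

def H(data):
    return hashlib.sha1(data).digest()

def HMAC(key, msg):
    return hmac.new(key, msg, hashlib.sha1).digest()

def XOR(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def derive_keys(password, salt, iterations):
    """SCRAM key derivation: SaltedPassword -> ClientKey/ServerKey -> StoredKey."""
    salted = hashlib.pbkdf2_hmac("sha1", password, salt, iterations)  # Hi()
    client_key = HMAC(salted, b"Client Key")
    return {"salted_password": salted, "client_key": client_key,
            "stored_key": H(client_key),
            "server_key": HMAC(salted, b"Server Key")}

def server_verify(stored_key, auth_message, proof):
    """Recover ClientKey from the proof; accept if H(ClientKey) == StoredKey."""
    recovered = XOR(proof, HMAC(stored_key, auth_message))
    return hmac.compare_digest(H(recovered), stored_key)

def proof_from_record(record, auth_message):
    """Return a ClientProof computable from the record's fields alone, else None."""
    if "salted_password" in record:
        client_key = HMAC(record["salted_password"], b"Client Key")
    elif "client_key" in record:
        client_key = record["client_key"]
    else:
        return None  # only StoredKey = H(ClientKey): the one-way hash blocks this
    return XOR(client_key, HMAC(H(client_key), auth_message))

# Constructed sample values (not taken from the message or from any test vector).
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
ITERATIONS = 4096
KEYS = derive_keys(b"correct horse", SALT, ITERATIONS)
AUTH_MESSAGE = (b"n=user,r=cnonce,"
                b"r=cnoncesnonce,s=ABEiM0RVZneImaq7zN3u/w==,i=4096,"
                b"c=biws,r=cnoncesnonce")

# Record as the specification describes it: salt, iteration count, StoredKey, ServerKey.
GOOD_RECORD = {"salt": SALT, "iterations": ITERATIONS,
               "stored_key": KEYS["stored_key"], "server_key": KEYS["server_key"]}
# Deviating record that additionally keeps ClientKey (hypothetical layout).
WEAK_RECORD = dict(GOOD_RECORD, client_key=KEYS["client_key"])
```

With `GOOD_RECORD` the server can still verify every login, because verification needs only StoredKey; the record that keeps ClientKey or SaltedPassword is the one that no longer meets design goal 3.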