Re: [vwrap] adding transport and capability auth types, removing MD5
Meadhbh Hamrick <ohmeadhbh@gmail.com> Thu, 08 July 2010 02:52 UTC
Return-Path: <ohmeadhbh@gmail.com>
X-Original-To: vwrap@core3.amsl.com
Delivered-To: vwrap@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 199713A6890 for <vwrap@core3.amsl.com>;
Wed, 7 Jul 2010 19:52:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.165
X-Spam-Level:
X-Spam-Status: No, score=-2.165 tagged_above=-999 required=5 tests=[AWL=0.433,
BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hGD-QJ7-4qKR for
<vwrap@core3.amsl.com>; Wed, 7 Jul 2010 19:52:38 -0700 (PDT)
Received: from mail-vw0-f44.google.com (mail-vw0-f44.google.com
[209.85.212.44]) by core3.amsl.com (Postfix) with ESMTP id 832433A67B7 for
<vwrap@ietf.org>; Wed, 7 Jul 2010 19:52:35 -0700 (PDT)
Received: by vws14 with SMTP id 14so497422vws.31 for <vwrap@ietf.org>;
Wed, 07 Jul 2010 19:52:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=domainkey-signature:received:mime-version:received:in-reply-to
:references:from:date:message-id:subject:to:cc:content-type;
bh=vHeVq/Js7fQxluPqxgGofkVl1mwwB1ExLxXuIpmzcKA=;
b=dnkMu0tX9NWT5SuGmEEk8Dd5PoMzZJ3XcKOwm7pbtKH5ts/RZvxTUM3hgGTv0aXBpD
JP9K8IwI95dsNDX6nrix+0JF2zMHgjoVW2483LwSpEF0aBAOJzEF28KN43C3utmi5xwb
JcfLIruSdvE6+BOnz692Zjj8ASza31cs1bSjw=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
h=mime-version:in-reply-to:references:from:date:message-id:subject:to
:cc:content-type;
b=ja0bNh8Z+6G8naNj2dhzz1cB4M52oNunwi0pUH5RlkZW9YhomMZzfNmOdzGJgvjfEx
6fQOdAJ/SKO/eO4P3tNtLBo4PHLasYd9NvznvLV7/KeSA2g726/dm7qElvD4VWHWQPwG
9vexWFR7xj4ETo13AqPvGSgNU3+Y/3EGEOPNQ=
Received: by 10.229.220.73 with SMTP id hx9mr4576588qcb.143.1278557556054;
Wed, 07 Jul 2010 19:52:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.229.185.73 with HTTP; Wed, 7 Jul 2010 19:52:14 -0700 (PDT)
In-Reply-To: <201007071759.22660.bobby@sharedrealm.com>
References: <AANLkTinL2XwNzGB8Cz2bfrZ0LhbFdDkpQF1Qr8CRbFhf@mail.gmail.com>
<201007071759.22660.bobby@sharedrealm.com>
From: Meadhbh Hamrick <ohmeadhbh@gmail.com>
Date: Wed, 7 Jul 2010 19:52:14 -0700
Message-ID: <AANLkTimrdKL2MgZhYK-fuEXnYCTJ8g9MYoHLRgQVs4uU@mail.gmail.com>
To: "Robert G. Jakabosky" <bobby@sharedrealm.com>
Content-Type: multipart/alternative; boundary=001636284748f41c37048ad7600f
Cc: vwrap@ietf.org
Subject: Re: [vwrap] adding transport and capability auth types, removing MD5
X-BeenThere: vwrap@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Virtual World Region Agent Protocol - IETF working group
<vwrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/vwrap>,
<mailto:vwrap-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vwrap>
List-Post: <mailto:vwrap@ietf.org>
List-Help: <mailto:vwrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vwrap>,
<mailto:vwrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Jul 2010 02:52:40 -0000
okay... a little background on hashed authenticators... the original hashed authenticator was going to be used to replicate SL's functionality of sending the non-salted, non-iterated, hash of a long-term password. but we wanted to have something better, so someone came up with the challenge response scheme for use with the summer 2008 interop trial (thought honestly, i don't think it was deployed.) then i came up with the idea of using the PKCS#5 password based key derivation function (PBKDF.) and then the world went on until john hurliman and i were both trying to figure out how to leverage OpenID and OAuth in VWRAP. that's where the CALM message stuff came from. originally we were going to have the CALM message include a "one time use" shared secret that the web-auth system would tell the client and tell the VWRAP auth service about. then john came up with the idea of putting the agent_login resource behind a web capability, so he could just use proof of possession of the capability as authorization to log in. so now we're writing standards docs and we're talking about layering VWRAP application layer object access across at least three different transports: HTTP(S), XMPP and RTP. granted, it's probably unlikely that people are going to attempt to send login credentials over RTP, but i used to work with game programmers, so i've seen some pretty crazy things. so the reason we say SHOULD instead of MUST is that we don't know if the deployer will secure their network with IPSec, a Link Encryptor or TLS. HTTPS requires the use of HTTP as a transport, and we're not entirely certain that everyone wants to do that. so in the proud tradition of internet standards everywhere, we will allow implementers to shoot themselves in the foot if they really feel they need to. On Wed, Jul 7, 2010 at 5:59 PM, Robert G. Jakabosky <bobby@sharedrealm.com>wrote;wrote: > On Wednesday 07, Meadhbh Hamrick wrote: > > <snip> > > > > 2.3.2. Hashed Password Authenticator > > > > *When a hashed password is used as an authenticator, the string '$1$' > > is prepended to the UTF-8 encoding of the password and processed with > > the SHA256 cryptographic hash function [sha256]. This revision of > > the Virtual World Region Agent Protocol specification requires the > > use of SHA256 with the hashed password authenticator. It also > > requires the presence of the algorithm key, and that the value of > > this key be the string 'sha256'. Note that future versions of this > > specification may ALLOW or REQUIRE the use of other cryptographic > > hash functions.* > > > > <snip> > > > > > The use of the hashed password authenticator could result in a replay > > attack if not used in conjunction with an appropriate confidentiality > > preserving transport. Implementations using the hashed password > > authenticator SHOULD utilize appropriate encryption schemes such as > > TLS [RFC5246] or S/MIME [RFC3851]. > > > > What use is the "Hashed Password Authenticator", if the transport needs to > be > encrypted? That SHOULD needs to be a REQUIRED. If an attacker picks up > the > hashed password even once they will be able to login to the account any > time > they want, even if the service later only allows the use of > the "Challenge-Response Authenticator". Since the same hashed password can > be combined with the challenge salt. > > I think the "Hashed Password Authenticator" needs to be replaced with > a "Password Authenticator" that REQUIRES the use of an encrypted transport > and sends the password instead of a hashed password. Websites that have > login forms use HTTPS to protect the user's password. The browser doesn't > send a hashed password to the server. The use of password hashing on > websites is to protect the password stored in a database encase some > someone > hacks the site and gets a copy of the password table. That hashing is done > on the server-side not the client-side. > > A "Password Authenticator" would also allow companies like LindenLab to > continue to work with the md5 hashed passwords stored in their database. > It > would also allow companies in the future to migrate (i.e. rehash) the > passwords stored in their database when it comes time to replace a broken > hash algorithm. > > -- > Robert G. Jakabosky > _______________________________________________ > vwrap mailing list > vwrap@ietf.org > https://www.ietf.org/mailman/listinfo/vwrap >
- [vwrap] adding transport and capability auth type… Meadhbh Hamrick
- Re: [vwrap] adding transport and capability auth … Robert G. Jakabosky
- Re: [vwrap] adding transport and capability auth … Meadhbh Hamrick