W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1995

Re: potential security holes in digest authorization

From: Dave Kristol <dmk@allegra.att.com>
Date: Fri, 14 Jul 95 14:51:04 EDT
Message-Id: <199507141940.AA133780820@hplb.hpl.hp.com>
To: bradb@geom.umn.edu
Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
bradb@geom.umn.edu (Brad Barber) said:

  > I'm glad to see that you are considering digest authorization 
  > for HTTP.  I noticed a few security holes that may be of
  > concern:
  > 
  > - the server's digest database of H(<username> : <realm> : <password>) should
  > receive highest security.  To the knowledgeable user, it is the same as 
  > storing passwords in the clear.  This is a weakness of the digest
  > method.  The passwd file in UNIX that is used for "basic" authorization
  > may be released without compromising strong passwords.
  [...]

I would like to propose that <password> be replace by H(<password>).
The client would pass to the server
	H(<username> : <realm> : H(<password>))
The server could store in its user/password file
	user-name:H(<password>)
That way the password would neither be passed in the clear nor stored
in the clear.

Dave Kristol
Received on Friday, 14 July 1995 12:42:04 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:23 EDT