W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

RE: Some comments on Digest Auth

From: Dave Kristol <dmk@research.bell-labs.com>
Date: Mon, 19 Jan 98 14:13:24 EST
Message-Id: <9801191913.AA24142@aleatory.tempo.bell-labs.com>
To: yarong@microsoft.com
Cc: http-wg@cuckoo.hpl.hp.com
Yaron Goland <yarong@microsoft.com> wrote:

  > ASSUMPTION: Avoiding replay attacks is important enough to most implementers
  > that either the standard will require or implementers will voluntarily
  > refuse to accept the same nonce twice.
  > 
  > GOAL OF THIS MESSAGE: To demonstrates that the current digest auth
  > mechanism, from the point of view of performance in situations where we wish
  > to prevent replay attacks, is unacceptably sub-optimal.

Ah, excellent that you set those forth, because I disagree with the
assumption.

The purpose of Digest is to replace Basic, with its cleartext
passwords.  Basic is already subject to replay attacks.  Digest should
be no more susceptible, and it isn't more susceptible.  By clever
choice of time-limited nonces, it can easily be less so.  But it isn't
perfect.  We've known that for a long time.

So let me hark back to the discussion of a few weeks ago.  Let's not
try to make Digest do something it was not intended to do.  Let's
hold replay-proof Digest for digest-ng discussions.

Dave Kristol
Received on Monday, 19 January 1998 11:15:25 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:10 EDT