W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1998

Re: Some comments on Digest Auth

From: Ben Laurie <ben@algroup.co.uk>
Date: Mon, 19 Jan 1998 19:42:04 +0000
Message-Id: <34C3AC8C.7EAF88D@algroup.co.uk>
To: Dave Kristol <dmk@research.bell-labs.com>
Cc: yarong@microsoft.com, http-wg@cuckoo.hpl.hp.com
Dave Kristol wrote:
> 
> Yaron Goland <yarong@microsoft.com> wrote:
> 
>   > ASSUMPTION: Avoiding replay attacks is important enough to most implementers
>   > that either the standard will require or implementers will voluntarily
>   > refuse to accept the same nonce twice.
>   >
>   > GOAL OF THIS MESSAGE: To demonstrates that the current digest auth
>   > mechanism, from the point of view of performance in situations where we wish
>   > to prevent replay attacks, is unacceptably sub-optimal.
> 
> Ah, excellent that you set those forth, because I disagree with the
> assumption.
> 
> The purpose of Digest is to replace Basic, with its cleartext
> passwords.  Basic is already subject to replay attacks.  Digest should
> be no more susceptible, and it isn't more susceptible.  By clever
> choice of time-limited nonces, it can easily be less so.  But it isn't
> perfect.  We've known that for a long time.

Agreed. Another way of saying much the same thing is that HTTP is
stateless by design. Strictly avoiding the reuse of nonces makes it
stateful (at least, I can't see a way of doing it that doesn't).
However, we can get a very similar effect by time-limiting nonces,
without changing the nature of HTTP.

> So let me hark back to the discussion of a few weeks ago.  Let's not
> try to make Digest do something it was not intended to do.  Let's
> hold replay-proof Digest for digest-ng discussions.

Exactly. Also remember that for those cases where Digest is
insufficient, there is always SSL/TLS.

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache
Received on Monday, 19 January 1998 11:44:00 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:10 EDT