- From: Paul Leach <paulle@microsoft.com>
- Date: Tue, 20 Jan 1998 12:49:33 -0800
- To: Yaron Goland <yarong@microsoft.com>, "'dmk@research.bell-labs.com'" <dmk@research.bell-labs.com>
- Cc: http-wg@cuckoo.hpl.hp.com
> ---------- > From: dmk@research.bell-labs.com[SMTP:dmk@research.bell-labs.com] > Sent: Monday, January 19, 1998 11:13 AM > To: Yaron Goland > Cc: http-wg@cuckoo.hpl.hp.com > Subject: RE: Some comments on Digest Auth > > Yaron Goland <yarong@microsoft.com> wrote: > > > ASSUMPTION: Avoiding replay attacks is important enough to most > implementers > > that either the standard will require or implementers will voluntarily > > refuse to accept the same nonce twice. > > > > GOAL OF THIS MESSAGE: To demonstrates that the current digest auth > > mechanism, from the point of view of performance in situations where > we wish > > to prevent replay attacks, is unacceptably sub-optimal. > > Ah, excellent that you set those forth, because I disagree with the > assumption. > > The purpose of Digest is to replace Basic, with its cleartext > passwords. Basic is already subject to replay attacks. Digest should > be no more susceptible, and it isn't more susceptible. By clever > choice of time-limited nonces, it can easily be less so. But it isn't > perfect. We've known that for a long time. > > So let me hark back to the discussion of a few weeks ago. Let's not > try to make Digest do something it was not intended to do. Let's > hold replay-proof Digest for digest-ng discussions. > No. A replayable Digest is just as bad as Basic. Paul
Received on Wednesday, 21 January 1998 04:59:07 UTC