There are authentication algorithms that get rid of plain-text and that still allow a recovered password to be used against other systems. (Digest would be one if it didn't mix the realm name into the key used to compute the response. I wouldn't be surprised if that weren't accidental -- the CRAM MD5 protocol being used in POP3 and other mail protocols does not have that property.) So, I'm not complaining about the current digest spec -- I just don't want the criterion to be "it's not plaintext, so it's OK". The following criteria are fine by me:

1. Recovery of the password on one system doesn't allow its use on another
2. Replay attacks are limited to a reasonably small time window, and implementations can practically make it quite small.
3. Brute force attack is infeasible on well chosen passwords.

Paul

Received on Wednesday, 21 January 1998 11:13:35 EST
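To make the realm point concrete, here is an added comparison (example code, not part of Paul's message) of what each server has to store to verify a client: Digest keeps MD5(user:realm:password), so a verifier leaked from one realm fails in another, while CRAM-MD5 keys HMAC-MD5 with the bare password, so the same verifier works everywhere; the last function checks the nonce-bound replay property from criterion 2. Credentials, realm names and the challenge are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample credentials (not from the original message).
USER, PASSWORD = "alice", "correct horse battery staple"

def digest_ha1(username, realm, password):
    # RFC 2617 Digest: the server stores HA1 = MD5(user:realm:password), so the
    # stored verifier is bound to one realm.
    return hashlib.md5(f"{username}:{realm}:{password}".encode()).hexdigest()

def digest_response(ha1, nonce, method, uri):
    # Client response without qop: MD5(HA1:nonce:HA2), HA2 = MD5(method:uri).
    ha2 = hashlib.md5(f"{method}:{uri}".encode()).hexdigest()
    return hashlib.md5(f"{ha1}:{nonce}:{ha2}".encode()).hexdigest()

def digest_verify(stored_ha1, nonce, method, uri, response):
    # A server recomputes the response from its own HA1 and compares.
    return hmac.compare_digest(digest_response(stored_ha1, nonce, method, uri), response)

def cram_md5_response(password, challenge):
    # RFC 2195 CRAM-MD5: HMAC-MD5 keyed with the bare password; no realm in the key.
    return hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()

def cram_verify(stored_password, challenge, response):
    return hmac.compare_digest(cram_md5_response(stored_password, challenge), response)

def stolen_digest_ha1_works_elsewhere(realm_a, realm_b):
    # Server A's verifier for USER leaks. Can it answer a challenge from realm B?
    leaked = digest_ha1(USER, realm_a, PASSWORD)
    nonce_b = secrets.token_hex(16)
    forged = digest_response(leaked, nonce_b, "GET", "/")
    return digest_verify(digest_ha1(USER, realm_b, PASSWORD), nonce_b, "GET", "/", forged)

def stolen_cram_secret_works_elsewhere():
    # Server A's CRAM-MD5 verifier is the password itself; server B stores the same.
    leaked = PASSWORD
    challenge_b = b"<1896.697170952@other.example>"  # constructed challenge
    forged = cram_md5_response(leaked, challenge_b)
    return cram_verify(PASSWORD, challenge_b, forged)

def digest_replay_rejected(realm):
    # A response captured under one nonce fails once the server issues a new one.
    ha1 = digest_ha1(USER, realm, PASSWORD)
    old_nonce, new_nonce = secrets.token_hex(16), secrets.token_hex(16)
    captured = digest_response(ha1, old_nonce, "GET", "/")
    return not digest_verify(ha1, new_nonce, "GET", "/", captured)
```

The Digest verifier only transfers between servers that share the same realm string, which is exactly the binding CRAM-MD5 lacks.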