W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2004

Re: RFC2616bis todos

From: Adam Roach <adam@nostrum.com>
Date: Fri, 26 Nov 2004 22:18:26 -0600
Message-ID: <41A80012.8020707@nostrum.com>
To: Julian Reschke <julian.reschke@gmx.de>
CC: HTTP working group <ietf-http-wg@w3.org>

> here are two things we may want to add to the RFC2616 issues list 
> (<http://skrb.org/ietf/http_errata.html>). They aren't really issues 
> but action items, though:
> 1) Update spec so that it's based on rfc2396bis,
> 2) Get rid of section 2.1 (extending RFC822's BNF syntax) and update 
> to ABNF (RFC2234).

And, for RFC 2617, there's also the matter of clarifying the
interaction between nextnonce and session mode. I brought this up
over a year ago, but there's been virtually no discussion of
the topic.

We need to either make sure that the use of session mode is clearly
specified, or we need to remove it from the specification
altogether. The current situation -- language so ambiguous that
it leads to interoperability problems -- is untenable. I'm really
just asking for one sentence to clear up behavior upon receipt of
a nextnonce when session mode is being used. I don't care what it
says; I just want it to be clear.

[Repost from 9/2003 follows]

The only description of signaling the end of an
authentication session is in section 3.3. In particular,
it says that an authentication session lasts until the
client receives another WWW-Authenticate header.

Presumably, the session ends at this point because
the nonce has changed. Using this logic, the authentication
session should also terminate if the client receives a
response with an Authentication-Info header containing a
nextnonce parameter.

Termination of a session with nextnonce isn't mentioned
anywhere, though -- so it's not clear whether this was
the intention when the RFC was written. In particular, it's
not clear to me what value changing a nonce within the
same session would provide.

To be specific, when using MD5-sess, the proper client
behavior upon receiving nextnonce is not particularly clear.
To illustrate the ambiguity, I'll demonstrate the exact
issue with a use case.

1) Client sends a request.

2) Server challenges request, with an algorithm of "MD5-Sess".
  We will call the nonce sent in this challenge "nonce-value-1".

3) Client re-sends request, with response to challenge. This response
  includes a cnonce, which we will call "cnonce-value-1". The
  response is calculated as follows:

  KD(H(unq(username-value) ":" unq(realm-value) ":" passwd)
     ":" unq(nonce-value-1) ":" unq(cnonce-value-1),
     unq(nonce-value-1) ":" nc-value ":" unq(cnonce-value-1) ":"
     unq(qop-value) ":" Method ":" digest-uri-value)

4) Server responds to request with a 200 response. This response
  contains a new nonce in a nextnonce parameter. We will call
  this value "nonce-value-2".

5) Later, the client sends a second request. It preemptively includes
  an "Authentication" header with a cnonce that we will call

Here's where the confusion lies. For the highest chance of success,
should the client calculate the response-digest as:

A) KD(H(unq(username-value) ":" unq(realm-value) ":" passwd)
     ":" unq(nonce-value-1) ":" unq(cnonce-value-1),
     unq(nonce-value-2) ":" nc-value ":" unq(cnonce-value-2) ":"
     unq(qop-value) ":" Method ":" digest-uri-value)

or as:

B) KD(H(unq(username-value) ":" unq(realm-value) ":" passwd)
     ":" unq(nonce-value-2) ":" unq(cnonce-value-2),
     unq(nonce-value-2) ":" nc-value ":" unq(cnonce-value-2) ":"
     unq(qop-value) ":" Method ":" digest-uri-value)

The text in the document would support A (since only WWW-Authenticate
ends an authentication session and H(A1) "is calculated only once" per
authentication session), while B seems far more intuitive.

Received on Saturday, 27 November 2004 04:18:56 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 16:03:14 UTC