W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2006

RE: RFC 2617 errata / MD5-sess

From: Paul Leach <paulle@windows.microsoft.com>
Date: Fri, 11 Aug 2006 01:04:36 +0000
Message-ID: <76323E9F0A911944A4E9225FACFC55BA01A8BB8B@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com>
To: <ingo@ingostruck.de>, "William A. Rowe, Jr." <wrowe@rowe-clan.net>
CC: <ietf-http-wg@w3.org>




The statements about strength in 2617 refer to the strength of any
password based mechanism compared to public key mechanisms. The strength
of Digest should be only limited by the strength of the password -- if
we continue to use weak hash schemes, that won't be true.

(Not to mention that in some cases, strong random passwords can be used,
and these will be as strong as the hash. We shouldn't rule these cases
out needlessly.)

-----Original Message-----
From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org]
On Behalf Of Ingo Struck
Sent: Thursday, August 10, 2006 10:03 AM
To: William A. Rowe, Jr.
Cc: ietf-http-wg@w3.org
Subject: Re: RFC 2617 errata / MD5-sess

William,

On Thursday 10 August 2006 16:12, William A. Rowe, Jr. wrote:
> My own concern, if the MD5-sess dialog is reopened, is to account for 
> the complete dismissal of MD5 for any authn/authz security 
> applications and to reopen the spec to extending the noonce to SHA1 /
SHA2 semantics.
>
> MD5 is already past it's prime, and SHA1 is heading that way as well.
> It would be good to anticipate future hash support by adding anything 
> of SHA2 up to SHA-512 and providing for an extensible description of 
> the negotiated hash employed for this purpose.
First, rfc2617 explicitly states that it is not and does not want to be
a cryptographically strong authentication mechanism (it only wants to
substitute the completely unacceptable plain-text-password basic-auth)
Received on Friday, 11 August 2006 07:36:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:46 GMT