RE: Security Requirements for HTTP, draft -00

Here are some comments:

WRT: "2.1.  Forms And Cookies

   Almost all HTTP authentication is accomplished through HTML forms,
   with session keys stored in cookies."

I think calling them "session keys" is a little misleading, since they really aren't used to encrypt or integrity protect the session. Calling them "session IDs" would be more appropriate; best practice has them be unforgeable and unguessable (but subject to theft by MITM unless kept secret by other means) -- and almost undoubtedly there are some implementations that use incrementing session ID counters.

WRT: "2.2.2.  Digest Authentication
        ...
   Additionally, implementation experience has shown that
   the message integrity mode is impractical because it requires servers
   to analyze the full request before determining whether the client
   knows the shared secret."

Could you elaborate? The purpose of integrity protection isn't simply to determine if the client knows the shared secret, it is to ensure that no MITM can modify the integrity protected data. This intrinsically requires that all integrity protected data be examined. Hence, the above statement seems to really amount to the claim that integrity protection is too expensive to be practical. However, it isn't any more expensive than TLS, and TLS is used pretty widely.

If all the server wants to know is whether the client knows the shared secret, the non-integrity-protected mode does that. The only reason to use message integrity mode is if message integrity is needed to meet security requirements.

WRT: "Many Digest capabilities included to prevent replay attacks expose the server to Denial of Service attacks."

Which capabilities in particular?


-----Original Message-----
From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org] On Behalf Of Paul Hoffman
Sent: Wednesday, January 23, 2008 2:00 PM
To: ietf-http-wg@w3.org
Subject: Security Requirements for HTTP, draft -00


Greetings. Alexey and I have done a small rev on Rob Sayre's earlier
document describing the security properties of HTTP and how they vary
from the IETF's "mandatory to implement" policy. We look forward to
discussion from the WG on how this document should progress (other
than the obvious places where we have holes...).

--Paul Hoffman, Director
--VPN Consortium

Received on Monday, 28 January 2008 20:53:12 UTC
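To illustrate the point raised above about Digest's message integrity mode, here is an added example (not code from the thread or from the draft) that computes the RFC 2617 "response" value for qop=auth and qop=auth-int; the credentials, nonce values, request URI and bodies are constructed for the demonstration. It shows why auth-int cannot be checked until the whole entity body has been read, and that only auth-int detects a body modified in transit.

```python
import hashlib
import hmac

# Constructed sample credentials and challenge values (not from the thread).
CREDS = {"username": "alice", "realm": "example.org", "password": "constructed-secret"}
CHALLENGE = {"nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093", "nc": "00000001", "cnonce": "0a4f113b"}


def _md5(data: str) -> str:
    return hashlib.md5(data.encode("utf-8")).hexdigest()


def digest_response(creds, chal, method, uri, qop, body=None):
    """Compute the RFC 2617 'response' value for qop=auth or qop=auth-int.

    With auth-int, HA2 covers MD5(entity-body), so the server cannot finish
    the check until it has read the entire request body.
    """
    ha1 = _md5(f"{creds['username']}:{creds['realm']}:{creds['password']}")
    if qop == "auth":
        ha2 = _md5(f"{method}:{uri}")
    elif qop == "auth-int":
        if body is None:
            raise ValueError("auth-int requires the complete entity body")
        ha2 = _md5(f"{method}:{uri}:{_md5(body)}")
    else:
        raise ValueError(f"unsupported qop: {qop}")
    return _md5(f"{ha1}:{chal['nonce']}:{chal['nc']}:{chal['cnonce']}:{qop}:{ha2}")


def server_accepts(client_response, creds, chal, method, uri, qop, body=None):
    """Server-side check; constant-time comparison avoids leaking the expected value."""
    expected = digest_response(creds, chal, method, uri, qop, body)
    return hmac.compare_digest(client_response, expected)


def tamper_demo(qop):
    """The client authenticates one body, but the server receives a different one.
    Returns True if the server still accepts the request, i.e. the change went undetected."""
    original = '{"amount": 10}'      # constructed body the client authenticated
    modified = '{"amount": 9999}'    # constructed body the server actually receives
    resp = digest_response(CREDS, CHALLENGE, "POST", "/transfer", qop, original)
    return server_accepts(resp, CREDS, CHALLENGE, "POST", "/transfer", qop, modified)


if __name__ == "__main__":
    print("qop=auth still accepted after body change:", tamper_demo("auth"))      # True
    print("qop=auth-int still accepted after body change:", tamper_demo("auth-int"))  # False
```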