- From: Tom Weinstein <tomw@netscape.com>
- Date: Wed, 24 Apr 1996 23:21:12 -0700
- To: ietf-tls@w3.org
Dan Simon wrote:
>
> To me, the issue is not whether password authentication is weaker than
> authentication by certified asymmetric key; most everyone would agree
> that this is the case. Unfortunately, for reasons ranging from
> established practice to portability issues to plain ignorance, many
> people will likely continue to use passwords for authentication for
> some time to come, whether protocol authors want them to or not. The
> issue at hand is therefore whether password-based authentication must
> continue to be as weak as the encryption available (which is often, as
> we all know, woefully weak), or whether, by our protocol design
> choices, we can make the security of password authentication as strong
> as it can possibly be.
>
> Nobody advocates forcing people to use passwords (even if it were
> possible to do so). The question is whether we can force them not to,
> and what to do given that we can't. Anyone who doesn't trust
> password-based security is always free not to support it; in fact, it
> takes an explicit decision by both parties to share a password before
> password authentication even becomes possible. People who make that
> decision are, in my view, no different from those who accept 40-bit
> encryption, or proprietary, relatively unstudied RC4 over
> heavily-analyzed (triple-)DES; we cryptographers might prefer that
> they choose otherwise, but we recognize that security must sometimes
> yield to other practical priorities.

I have to agree with Mr. Kemp. Passwords for purposes of authentication
do not belong in a protocol that claims to provide cryptographic
security. If you really want to use passwords, you can always do it in
an application-level protocol. What's wrong with public key
cryptography?

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything. -- Washington DC motto            | tomw@netscape.com
Received on Thursday, 25 April 1996 02:21:17 UTC