Re: Closing on shared-key authentication

Tom,

  Please read below your comments.

At 10:27 AM 10/10/96 -0700, you wrote:
>Don Schmidt wrote:
>> 
>> I am delighted to see the last two postings from Taher and Barb
>> getting back to the point.  That is the utility of a TLS standard.  If
>> after all we design something that is secure but does not meet
>> customer requirements -- and so is not widely adopted -- then why
>> bother?
>> 
>> Many (if not most) of the arguments against incorporating
>> shared-secret auth in TLS (the transport vs app layer arguments) could
>> apply equally to PK-based auth.
>> 
>> Many of the obvious interoperability benefits of incorporating a
>> standard PK-based auth into TLS could equally apply to shared-secret
>> auth.
>> 
>> The point here is not whether PK-based auth is more secure than
>> shared-secret auth, or whether it provides non-repudiation, or ...
>
>[ ... snip ... ]
>
>- Password authentication weakens TLS.
>
>- The first time someone cracks a password used in TLS authentication,
>  it will erode public confidence in the security of TLS.

  I totally agree here.  Password authentication is too problematic, I believe.
>
>- We aren't just trying to solve a problem for next quarter, we're
>  trying to generate a security standard for the Internet that will
>  stand the test of time.  I don't think we should be guided by
>  short-lived customer requirements.

  True.  Some of these customer requirements, however, will be long
term and should be reviewed with that in mind.  I am an advocate
of looking long term myself.  I also believe that some of the perceived
short-term customer requirements do need attention, however; otherwise
we will have a hard time achieving the long-term goals.
>
>- The only security reason for including password auth in TLS is that
>  it gains stronger security by having access to strong crypto in the
>  export case.  I don't think we should include features this major
>  based solely on brain-damaged US export regulations that will
>  hopefully soon change.

  I hope you are right here, Tom.  I am not so sure that those regulations
will change all that soon.  In the interim, however, it seems necessary to
address password auth for the short term.  I don't see how this should or would
impugn TLS in any really meaningful way, long term.

Regards,

>
>-- 
>You should only break rules of style if you can    | Tom Weinstein
>coherently explain what you gain by so doing.      | tomw@netscape.com
>
>
>
Jeffrey A. Williams
Sr. Internet Network Eng.
CEO., IEG., INC.,  Representing PDS .Ltd.
Web: http://www.pds-link.com 
Phone: 214-793-7445 (Direct Line)
Director of Network Eng. and Development IEG. INC.

Received on Thursday, 10 October 1996 14:39:19 UTC