RE: [Content-MD5 and Message Digest Authentication.], MD5 broken.

On Fri, 26 Apr 1996, Paul Leach wrote:

> >From:[]
> >

> >The problem with digest auth that I hadn't anticipated is that as
> >presently 
> >stated the spec means that if you change the keyed digest algorithm you
> >also 
> >need to exchange a separate shared secert.

In light of the problem raised by Phill I suggest the following.
We had already decides to try to "dock" the digest auth document with
HTTP/1.0.  I think that a reasonable thing to do now would be to 
separate the digest auth spec into two parts, only one of which would
dock with HTTP/1.1.  Unless I am mistaken the only part parts affected by the
MD5 weakness is the optional "digest" field of the the response header
and the optional "digest" field of the AuthenticationInfo header. 
I think we should "fire the explosive bolts" on this part making it
a separate option extension described in a separate document (and 
emphasing the use of a different algorithm).  Meanwhile the authentication
role of digest, i.e. its use as a replacement for basic would still
be intact and still secure.


John Franks 	Dept of Math. Northwestern University

Received on Monday, 29 April 1996 08:47:01 UTC