RE: Final Review of Digest Authentication

Digest is subject to "man in the middle" attacks because not all fields
are included in the digest. This is explained in the remainder of the
section that was elided from my message because it hadn't changed. If
you review the whole section and still believe that it's worth fixing,
let me know.  However, please keep in mind when making that decision
that delay at this point may cause it to not be able to be incorporated
into the HTTP/1.1 spec -- we'd like to do that to increase likelihood of
deployment.

>----------
>From: 	hallam@Etna.ai.mit.edu[SMTP:hallam@Etna.ai.mit.edu]
>Sent: 	Monday, June 10, 1996 5:49 PM
>To: 	Paul Leach <paulle@microsoft.com>;
>'http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com'; 'John Franks'
>Cc: 	hallam@Etna.ai.mit.edu
>Subject: 	Re: Final Review of Digest Authentication  
>
>
>Paul writes:
>
>>  Both Basic and Digest authentication are vulnerable to "man in the
>>  middle" attacks, for example, from a hostile or compromised proxy.
>>  Clearly, this would present all the problems of eavesdropping.  But
>>  it could also offer some additional threats.
>
>This isn't quite right. Digest authentication is not vulnerable
>to a man in the middle attack as described. Digest is vulnerable to
>a downgrade attack where a client supports BASIC and BASIC is
>vulnerable to man in the middle.
>
>If a client does not support Digest the vulnerability to password 
>snooping goes away because a client will not divulge the password under
>any circumstances.
>
>It's a picky point but an important one.
>
>	Phill
>
>

Received on Monday, 10 June 1996 18:04:23 UTC
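Phill's distinction above (Digest itself does not leak the password; the exposure comes when a client that also speaks Basic lets an in-path party downgrade it) can be enforced on the client side. The following is an added illustration, not code from the HTTP-WG thread or from any implementation discussed in it; it assumes a hypothetical client that remembers the strongest scheme each host has offered and refuses to fall back to Basic for that host afterwards.

```python
import re

# Strength ranking of the two schemes under discussion (assumption: the
# client speaks only these two).
SCHEME_STRENGTH = {"basic": 1, "digest": 2}


def parse_challenge(value):
    """Parse one WWW-Authenticate header value into (scheme, params).

    Handles both 'Basic realm="x"' and 'Digest realm="x", nonce="y"'.
    """
    scheme, _, rest = value.strip().partition(" ")
    params = dict(re.findall(r'(\w+)="([^"]*)"', rest))
    return scheme.lower(), params


class DowngradeGuard:
    """Choose an auth scheme, never stepping down from Digest to Basic.

    allow_basic=False models Phill's client that does not support Basic:
    it will never divulge the password.  allow_basic=True models a client
    that supports both and therefore needs the per-host downgrade check.
    """

    def __init__(self, allow_basic):
        self.allow_basic = allow_basic
        self.best_seen = {}  # host -> strongest scheme strength offered so far

    def choose(self, host, challenge_values):
        offered = [parse_challenge(v) for v in challenge_values]
        supported = [(s, p) for s, p in offered
                     if s == "digest" or (s == "basic" and self.allow_basic)]
        if not supported:
            return None
        scheme, params = max(supported, key=lambda sp: SCHEME_STRENGTH[sp[0]])
        strength = SCHEME_STRENGTH[scheme]
        prior = self.best_seen.get(host, 0)
        if strength < prior:
            # This host previously offered Digest and now only Basic is on the
            # table: treat it as a downgrade attempt and send no credentials.
            return None
        self.best_seen[host] = max(prior, strength)
        return scheme, params
```

The memory is first-use trust: a host that has only ever offered Basic is still accepted by a Basic-capable client, which is exactly the residual risk Phill attributes to Basic rather than to Digest.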