RE: Some comments on Digest Auth

Oh wait, I thought we were requiring that nonces never be re-used. If not
then that is cool, the next-nonce header should go into a SEPARATE
specification from the draft digest auth proposal. Since it is 100%
compatible with RFC 2069 and the draft digest auth proposal I don't see any
reason to shove it into the main digest auth spec. It can ride on its own.

> -----Original Message-----
> From: []
> Sent:	Monday, January 19, 1998 11:13 AM
> To:	Yaron Goland
> Cc:
> Subject:	RE: Some comments on Digest Auth
> Yaron Goland <> wrote:
>   > ASSUMPTION: Avoiding replay attacks is important enough to most
> implementers
>   > that either the standard will require or implementers will voluntarily
>   > refuse to accept the same nonce twice.
>   > 
>   > GOAL OF THIS MESSAGE: To demonstrates that the current digest auth
>   > mechanism, from the point of view of performance in situations where
> we wish
>   > to prevent replay attacks, is unacceptably sub-optimal.
> Ah, excellent that you set those forth, because I disagree with the
> assumption.
> The purpose of Digest is to replace Basic, with its cleartext
> passwords.  Basic is already subject to replay attacks.  Digest should
> be no more susceptible, and it isn't more susceptible.  By clever
> choice of time-limited nonces, it can easily be less so.  But it isn't
> perfect.  We've known that for a long time.
> So let me hark back to the discussion of a few weeks ago.  Let's not
> try to make Digest do something it was not intended to do.  Let's
> hold replay-proof Digest for digest-ng discussions.
> Dave Kristol

Received on Wednesday, 21 January 1998 05:08:19 UTC