- From: Paul Leach <paulle@microsoft.com>
- Date: Wed, 21 Jan 1998 10:14:49 -0800
- To: 'John Franks' <john@math.nwu.edu>, Dave Kristol <dmk@bell-labs.com>, Yaron Goland <yarong@microsoft.com>
- Cc: http-wg@cuckoo.hpl.hp.com
There is no harm in allowing BOTH client and server to each generate part of the nonce, and much good -- it makes precomputed dictionary attacks harder. > ---------- > From: Yaron Goland > Sent: Monday, January 19, 1998 10:45 AM > To: 'John Franks'; Dave Kristol > Cc: http-wg@cuckoo.hpl.hp.com > Subject: RE: Some comments on Digest Auth > > I think the proposal to allow clients to generate nonces is intriguing but > it does concern me from a long term security point of view. Experience has > taught that allowing clients to generate what is essentially server side > information leads to trouble. For example in DAV we learned a long time > ago > to not let clients generate URIs, it tends to break things. In this case > allowing the client to generate nonces remove's flexibility on the > server's > part in how it generates and manages nonces. Furthermore I'm concerned > with > behavior through proxies where a proxy may have multiple connections to a > server and may put a client's request into any one of its connections to > that server. > > I guess i'm just old fashioned but I always like to err on the side of > maximum flexibility. In this case that means only giving the server the > right to generate nonces. > > Yaron >
Received on Wednesday, 21 January 1998 10:16:41 UTC