- From: David W. Morris <dwm@xpasc.com>
- Date: Wed, 21 Jan 1998 15:29:49 -0800 (PST)
- To: John Franks <john@math.nwu.edu>
- Cc: Paul Leach <paulle@microsoft.com>, "'dmk@research.bell-labs.com'" <dmk@research.bell-labs.com>, http-wg@cuckoo.hpl.hp.com
On Wed, 21 Jan 1998, John Franks wrote: > On Wed, 21 Jan 1998, Paul Leach wrote: > > > > > The following criteria are fine by me: > > 1. Recovery of the password on one system doesn't allow its use on another > > 2. Replay attacks are limited to a reasonably small time window, and > > implementations can practically make it quite small. > > 3. Brute force attack is infeasible on well chosen passwords. > > > > We are all in agreement here. I think that the last official > version of the spec with all references to entity-digest and > Authentication-info removed pretty well meets these needs if > a timestamp is used in the nonce. I don't think there should be a normative requirement that a timestamp be used in the nonce. The server owns the nonce and could easily implement some other mechanism including tracking nonces issued and setting timelimits, perhaps even a moving window reset with each use. I have no objection for a SHOULD level requirement that the server implement some form of replay protection, and I have no objection to text which describes a timestamp and clock-less server version of nonce handling which achieves Pauls #2 objective. All given that the WG otherwise agrees that #2 should be part of the digest specification. Dave Morris
Received on Wednesday, 21 January 1998 15:31:42 UTC